Thursday, September 1, 2011

5 Places You Can Be Tracked by Facial Recognition Technology

Just a few days ago I posted a pretty extensive blog on Facial Recognition technology and the threat it poses to individual privacy. So for the sake of time and repetition I'm not going to go back over the basics (see that post for this), but rather, get straight to a fantastic article from Alternet entitled 5 Unexpected Places You Can Be Tracked With Facial Recognition Technology. Of particular interest to me was the coverage the piece gives to California's own recent fight that we at the Consumer Federation of California were deeply involved in, over biometric identifiers being used by the DMV. As such, our Executive Director, Richard Holober, is quoted in the article as well.

Before I provide some especially choice clips of this article (because it dovetails very well with my recent post on the topic), let me refresh everyone's memories regarding the successful campaign by privacy and consumer groups against the California DMV which resulted in, with just one day to spare, the Joint Legislative Budget Committee (JLBC) stepping in to reject the DMV’s proposal to impose sweeping new biometric technologies - such as facial and thumb print scans - as elements in a renewal of a vendor contract to produce driver’s licenses and ID cards.

At the time, the Consumer Federation of California had joined organizations from across the political spectrum – including the ACLU, Electronic Frontier Foundation, California Eagle Forum, Consumers Union, Privacy Activism, Privacy Rights Clearinghouse, and the World Privacy Forum - to urge the legislature to reject the DMV's request on the grounds that any change of this magnitude should be a policy matter for the legislature to decide, after considering whether it is effective, affordable, and if it contains the appropriate privacy safeguards.

If the JLBC did not act in time the proposal would have moved forward. Thankfully, at the very last moment a letter that was unequivocal in its opposition to the proposal was sent to the DMV from Senator Denise Ducheny - the Committee Chair.

Click here to read the complete letter. Here's a particularly important passage:

"Of particular concern is the proposed use of biometric technology as part of the card issuance process and the related privacy issues. I think the Legislature should consider the policy implications of using biometrics in the issuance of driver licenses before the department starts to use the technology. In addition, after review and discussions with DMV, the Analyst concluded that the request was not fully justified, in part because the department was unable to provide key information on the specific costs and benefits related to the proposed use of biometrics."

Click here to read the Monday, February 16th article in the San Jose Mercury News, entitled "DMV biometric plan will undergo public hearings".

Here was some of our argument on the DMV Proposal:

On January 14th the California Department of Finance – without notifying the public – sent a letter to inform the state Joint Legislative Budget Committee that it planned to issue a new vendor contract for production of California Driver’s Licenses, ID cards and Salesperson cards starting in June of 2009. Hidden in the fine print, the proposal called for “enhanced” biometric identification in state IDs. Unless this legislative committee objects to this plan within 30 days, the Department of Motor Vehicles will be free to begin implementing the biometric technology.

What are Biometrics?

Biometric technology is the computerized matching of an individual’s personal characteristics (like a thumbprint or facial scan) against an image or database of images.  In other words, the DMV and the Department of Finance are seeking to create a massive government database of biometric information from virtually every Californian over the age of 16 without debate or review - raising significant concerns regarding the increased surveillance, monitoring and tracking of individuals.

One would expect, in light of the ongoing and intensifying debate over the REAL ID Act (a federal plan to create a national identity card based on drivers’ licenses) and the increasing number and degree of privacy violations committed by the federal government in recent years, that such a program would be fully debated, in the open, by our representatives in the State Legislature and with public comment, before it could ever be enacted.

Because no such debate has occurred, and no attention has been given to the privacy concerns such a program warrants, a broad coalition of consumer and privacy rights advocates joined forces to urge the legislature to reject this request while there’s still time.

Our case against the proposal is twofold.

(1) The first is procedural: the DMV is attempting to use a routine contract renewal process to effectuate major policy changes.

As the ACLU noted:

    A 30-day expedited opt-out letter to the Legislature is an inappropriate vehicle to move from photographs and thumbprints of millions of Californians to advanced facial recognition technology and biometric systems that pose a number of privacy and security concerns if not handled carefully.

•    The DMV does not appear to have authority to implement biometric technologies that the Legislature has considered and rejected over the years, without the issues being fully considered and addressed in policy and budget hearings.

(2) The second relates to privacy and security: the underlying proposal to use biometric technologies has yet to establish appropriate safeguards to protect against identity theft and unwarranted government snooping into our private lives.

It’s important to understand the limitations of biometrics as well as their strengths. The fact is, biometrics are easy to steal. Our fingerprints are left everywhere we touch, and our iris scans are everywhere we look.

According to experts, biometrics work only if two things can be verified by the verifier: one, that the biometric came from the person at the time of verification, and two, that the biometric matches the master biometric on file. If the system can't do that, it can't work.

You can see more of this original post of mine here.

As face recognition and other biometrics advance, the technology has begun to proliferate in two predictable realms: law enforcement and commerce. Here are 5 places besides Facebook you might encounter face recognition and other biometric technology -- not that, for the most part, you would know it if you did. 

1. The streets of America 

In the fall, police officers from 40 departments will hit the streets armed with the Mobile Offender Recognition and Information System (MORIS) device. The gadget, which attaches to an iPhone, can take an iris scan from 6 inches away, a measure of a person's face from 5 feet away, or electronic fingerprints, according to Computer vision central. This biometric information can be matched to any database of pictures, including, potentially, one of the largest collections of tagged photos in existence: Facebook. The process is almost instant, so no time for a suspect to opt out of supplying law enforcement with a record of their biometric data.

2. The DMV

Slightly fewer than half of the DMVs in the US have the capacity to run your picture through biometric databases. Ostensibly, these searches are intended to catch people trying to collect multiple IDs from different states. Fair enough. But as EFF's Lee Tien told AlterNet, the DMV can also log into and run a person's face against any government database, including ones that hold criminal records. Last August, former New York Gov. David Paterson and DMV commissioner David Swartz held a triumphant news conference where they announced that more than 100 felony arrests were made through the DMV's facial recognition program.

In the past, the FBI has applied facial recognition technology to the DMV's vast database of photo images in pursuit of suspects, according to the AP...
'We see this as sort of creeping Big Brother government, an invasion of people's privacy,' said Richard Holober, executive director of the San Mateo-based Consumer Federation of California."


3. Las Vegas casinos, and Kraft and Adidas stores

For years Las Vegas casinos have used various forms of facial recognition to identify card-counters. Now, Vegas is at the forefront of efforts to adapt facial recognition to more efficiently suck money out of visitors. The LA Times reported last week that the Venetian hotel and casino has installed basic facial recognition software in advertisements. A camera captures an image of a person passing by and an algorithm determines their gender and rough age. The advertisement can then present them with products most likely to appeal to their demographic. 


4. Bars 

Inevitably, facial recognition software is also being deployed for the purpose of getting people laid. SceneTap, an app developed by a Chicago company uses information from facial recognition cameras planted in bars to determine the ratio of women to men and the average age of customers. As of June, 200 bars across the country had signed up to take partaccording to Forbes. SceneTap developers assured reporters that the cameras they're installing in bars do not capture high-enough-quality images to match them up to databases or Facebook profiles. 

In my last post I give a short summation of why I find the spread of this technology, and many other privacy related intrusions, so disturbing. It's not that any one violation alone is the problem, its the totality of them all...and the direction it indicates we're headed as a society. 

I wrote, "Whether its the knowledge that everything we do on the internet is followed and stored, that we can be wiretapped for no reason and without a warrant or probable cause, that smart grid systems monitor our daily in home habits and actions, that our emails can be intercepted, that our naked bodies must be viewed at airports and stored, that our book purchases can be accessed (particularly if Google gets its way and everything goes electronic), that street corner cameras are watching our every move, and that RFID tags and GPS technology allow for the tracking of clothes, cars, and phones (and the list goes on)...what is certain is privacy itself is on life support in this country...and without privacy there is no freedom. I also fear how such a surveillance society stifles dissent and discourages grassroots political/social activism that challenges government and corporate power...something that we desperately need more of in this country, not less."

Today's article from Alternet certainly gives me no reason to retract any of this...

No comments: