Friday, October 21, 2011
The Dangers of Facial Recognition are real
“Facebook's Privacy Issues Are Even Deeper Than We Knew” was the headline at forbes.com, just after the Black Hat Conference at Caesar’s Palace in Las Vegas in August 2011. A research team at Carnegie Mellon University had showed that Facebook has become a worldwide photo identification database.
“Paired with related research, we’re looking at the prospect where good, bad and ugly actors will be able identify a face in a crowd and know sensitive personal information about that person.”
It turns out that CMU searchers didn’t even have to log into Facebook to get to the photos there. They relied on just Facebook’s public profile information and off-the-shelf facial recognition software, then accessed profile information through Facebook’s search engine APIs. Nevertheless, they matched Facebook users with their pictures on otherwise anonymous Match.com accounts.
“Drawing upon previous research, they were also relatively successful at guessing individuals’ Social Security numbers. From there, of course, it is just an automated click to your Google profile, LinkedIn work history, credit report, and many other slices of private information.”
Two months later, the following article appeared on nextgov.com’s website:
FBI TO LAUNCH NATIONWIDE
FACIAL RECOGNITION SERVICE
“The FBI by mid-January  will activate a nationwide facial recognition service in select states that will allow local police to identify unknown subjects in photos, bureau officials told Nextgov … Often law enforcement authorities will ‘have a photo of a person and for whatever reason they just don't know who it is [but they know] this is clearly the missing link to our case,’ said Nick Megna, a unit chief at the FBI's criminal justice information services division. The new facial recognition service can help provide that missing link by retrieving a list of mug shots ranked in order of similarity to the features of the subject in the photo....
“Using the new Next-Generation Identification system that is under development, law enforcement analysts will be able to upload a photo of an unknown person; choose a desired number of results from two to 50 mug shots; and, within 15 minutes, receive identified mugs to inspect for potential matches. Users typically will request 20 candidates, Megna said....
“The planned addition of facial searches worries Sunita Patel, a staff attorney with the Center for Constitutional Rights, who said, ‘Any database of personal identity information is bound to have mistakes. And with the most personal immutable traits like our facial features and fingerprints, the public can't afford a mistake…."
The article goes on to say that large-scale searches may generate a lot of false positives. Hmmm … might that happen with your picture, taken from your passport, a travel visa, any government ID, your driver’s license, yours or someone else’s website, a dating site, or from Facebook (posted by you and/or your “friends”)?