In an as yet unpublished but widely reported article entitled ‘Privacy In The Age Of Augmented Reality’, Alessandro Acquisiti, Ralph Gross and Fred Stuzman ‘investigate the feasibility of combining publicly available Web 2.0 data with off-the-shelf face recognition software for the purpose of large-scale, automated individual re-identification’.

The article that is due for publication in the Proceedings of the National Academy of Sciences makes for interesting reading, and I would like to thank Dr Acquisiti for sending me a preliminary draft in order to help me write this post.

For an introduction to and overview of the state of face recognition technology today see the Face Recognition website.

Now, to the nitty-gritty, the article reports a series of experiments conducted over the last year or so during which the researchers, using an over the counter face recognition software, try to identify a person from their photo using information that is freely available over the internet.

The results are interesting. In one experiment students walking through the University campus were asked if their photo could be taken and they were asked to complete a questionnaire. As they were answering the questions the computation task was carried out, requiring only seconds, and photo matches were found they they could identify. In this case more than 30% of the students were immediately traced.

The database searched was simple, Facebook. Due to Facebook publication rules the main photo is available to anybody, cannot be private and presents the required tag. A photo match offers several possible solutions however in this case, as the computation cannot be 100% certain that the faces are identical, and then a human has to choose which they feel are the correct matches.

If we take the case of an existing photo however the parameters change slightly, for many reasons. One of these is the fact that some of the photos are replicated and therefore the computer can give a 100% guarantee that the match is correct. And we can presume from experience that a lot of people post the same photo in different situations, and the following example bears witness to this fact.

In another experiment the researchers used an online dating agency that provided anonymous photos. In this case they could match names to the photos in about 10% of the cases, and then go on to find more information about the individual using conventional search means. In some cases the photo used on the dating site was the same one as that used on Facebook so the match was guaranteed. One more thing that the researchers were able to do in an extension experiment, was to use the logarithm used by the US government to create social security numbers from birth place and date information, all freely available on Facebook and Linkedin, to generate at least the first 5 digits of their Social Security Number.

See this article in The Atlantic for further explanation and a preview of the development of an App that can do it all for you from your mobile phone in real time, and this link to frequently asked questions as provided by the researchers themselves.

All of the above is an extension to existing uses of this technology however. This article on the Forensic Evidence website offers a non-exhaustive list of face recognition technology currently in use, from police forces that already use this technology to match a person’s face to a database of photos of existing offenders, to airports, international border guards and US casino chains, as well as some reflection on the privacy issues involved and a project that uses heat imaging so that the same technology can be used in the dark.

Another claim made in the article above is that many CCTV cameras currently in use in the UK are being fitted with face recognition capability. This has legal implications for anyone living or visiting the UK in terms of their right to anonymity. At present in Britain an individual is not forced to carry an identity card and a police officer cannot force a person to identify themself unless the official can find some evidence that a crime has been committed and the individual is reported for an offence. See the London Metropolitan Police stop and search rules here. In Britain you have the right to anonymity!

I would argue that if CCTV cameras are fitted with this technology than this right is either redundant or infringed upon.

According to the Network World website the FBI in the US are about to roll out a nationwide system of their own, the Next Generation Identification System will be capable of cross referencing photos, fingerprints and biometric data in order to identify an enormous backlog of photos currently unclassified that they currently hold.

My conclusion is that either now or in the very near future, as these technologies are improved and made freely available, anybody (and not just law enforcement authorities) will be able to recognize anybody they see on the street, identify them through an app in their telephone, and find out about their interests, sexual preferences and other personal information, if they have ever posted (or had posted for them) a photo of themselves on the Internet.

An interesting thought.

————————

(photo: Computational Photography Homework 1 Results by kscottz from Flickr)