Findface can't identify you, who are you, why are you walking past my house? I have never seen you before, I'm going to call the police, you're acting strange.
There are all kinds of ways your picture can end up on the web without you putting it there. Perhaps you where at an event where pictures where taken and uploaded to Facebook. Perhaps your company has an employee profiles page. Perhaps you where photographed for your local newspaper a few years ago when you did that things. Saying "I haven't spread my photos thus they don't exist" is extremely naive.
Nope, your lifelong discipline of not publishing a single self-photo online will be undone by someone else who snaps a photo of you and posts it online.
Your picture might already be on the internet. Your friends may have uploaded a picture from a party or school reunion on Facebook. And since Facebook nagged them and they thought it'd be cool to tag you on the picture even though you don't have a Facebook account.
What if retail stores take your picture and then match it against your credit card at POS and then automatically identify you in the future as well? I can't imagine this is too far off, if it's not already happening.
I think exactly the opposite is true. "Personal spamming" will probably help you. Spread your photo as much as possible, all with different names and profiles :-)
I have a colleague / acquaintance who worked laboriously to prevent photos of himself being put online. He avoided all social media, tried to duck out of group photos and used pseudodyms for fora. Searching for him only returned photos of other people sharing his name.
Then one day last year he attended an open-day about retraining IT professionals as teachers. He didn't read the small print closely enough and photos taken at the event were published and studiously tagged by the event organisers. There he was, bubbling up on Google Images.
Subsequently he contacted the organisers and they did remove the tagging, but it was purely by chance that he had discovered it.
Honestly, this evolution became obvious more than 10 years ago.
Btw, Snowden is about illegal mass surveillance by the government (in collaboration with tech corporations). The app mentioned in the article however only connects publicly and legally available data (the consumer's fault).
I doubt that. No one prevents someone tagging me on Facebook even if I don't have a Facebook account. Now Facebook knows my name and the corresponding face without me ever using Facebook.
You can tag anyone on Facebook even if they don't have an account. When you start typing their name a drop-down box of suggestions appears. Hit the escape key and you can continue typing their name and tag them.
Anyone with your photo can associate it with your name on Facebook even if you don't use it.
Agreed with everything except "The consumer's fault." It's the data age now; information about you will make its way into the global repository without any direct action on your part.
- If you're a professional, someone is providing a way for your customers to audit interactions with you
- If you're a driver, someone is tracking your car's movements
- If you buy products, someone is tracking you bought them
- If you ever communicate online, someone has logged that communication
- If you're ever seen in public, someone can tag your face
... and after all this, if you piss an individual off enough, that individual can create a pastebin and drop as much of your personal info on there as they care to.
We're already past the event horizon of private (easily-gleaned) information staying private; it's time to re-organize the solution space around the assumption that the information is public.
buying products means tracking card payments. Maybe that was just the start, then fidelity cards followed, and even Amazon tracks what you search. And Google to sell you ads.
I disagree. Then you narrow down Snowden's point in a pedantic way. Snowden is broadly speaking about privacy. The issue about government mass surveillance is of course without anybody having been aware of its extent. Citizens should have been given the chance to weight in on the usage of surveillance.
But this is along much of the same lines, in that it shows how technology enables ways of invading your privacy that you might not have thought of.
Much of the NSA invasion of our privacy is about the capabilities they get through technology. With just a bunch of dead data, it would not nearly be as chilling as when Snowden explains how they can perform sophisticated searches through all data stored about you.
That's the thing with personal pictures online. Most people can't imagine what is going to happen in the future. People on Hacker News well understand this issue, but ask your non-computer friends and family.
If you'd tell them, that you can take a picture of a random person and search that picture out of a pool of people and get their contact info (as a private company / random programmer with enough data), they won't believe you or tell you that something like this is only possible in movies.
Even today it's no problem to analyze the Facebook picture of some random person and calculate a chance of that person being an alcoholic in X years based on the number of party pictures they share.
Before sharing personal information online, people should not ask themselves what could be done with that data now, but what is possible with that data in the future.
If Facebook is going out of business (just as a thought), their data has a lot of value. Don't think that they will delete everything. It will go to the highest bidder!
It honestly may be more productive to operate under the mindset of "My private information that is acquirable by a cursory examination of me (this includes face, which is obviously publicly visible) will inevitably find its way online in a way outside my control. What do I do given this reality?"
There is a fine line between "somebody who knows me (even if not personally) can recognize me on the street" and "everybody can know everything I do out in public or online"
That's a really hard battle to fight, even for those of us who understand the full implications. The entire population is not going to drop facebook overnight, it does deliver some sort of value to them despite it's heavy privacy price.
I'm beginning to believe that the answer is to simply devalue all that information. We can do it in some contexts on the technical side, for example, rotating passwords devalues stolen credentials, virtual credit cards, random MAC for wireless scanning, etc.
So how far can we push this? If you got into my email, but 90% of the messages there were generated by AI and 10% are legit, can you accurately profile me?
To get a little more on topic, how close do you think we are to 3D printers that can print a mask of your face? Once that happens, will the value of these "face recognisers" drop off a bit?
I have hope that this will change. Because more and more people live a fake life on social media.
Some people go crazy and share everything, but more and more people share less[^1] and if they share something, it's only something that holds together their "clean image".
Sure, that's a good sign, but it's still undone by someone else who posts a photo or recording of you. If I recall correctly, facebook used to (maybe still does) solicit users to "report" anybody who is not using their real name on the site. When will facebook start soliciting/rewarding users for uploading photos of others? How much does that guy in your class value your personal privacy?
I think is more phobia about technology than an actual problem.
I get that this is a radical view on HN, but when topics like this come up, it's always slippery slopes and fantastic nightmare scenarios (like 3D printing your face). I feel like we're in the 1980's debating over how to handle traffic laws for our flying cars in 2010 just because someone built one.
That HN comment you linked to is _still_ just a nightmare scenario.
If you read the article, you would see that they are lying about what happened. Even your question, based on incorrect information, is implying a slippery slope.
Once the nightmare scenario arrives though, it's usually too late to do anything about it. Look how impossibly hard it is to stop the NSA from gathering all of the network traffic. I wouldn't doubt for a second that Kim Jung would use this against protesters (if North Koreans had social networking). Just this morning I heard on NPR about a group working on genetic modifications to make half-human, half-animal beings, apparently for organ harvest reasons. However you feel about that, nipping things in the bud is so much easier than trying to reverse history.
Right, same with every other "sky is falling" argument.
The PRISM dark fiber exploit has since been blocked by most tech companies, and honestly, you're more likely to be negatively affected by slipping in your shower or a car accident. Doesn't mean don't be aware, it just means you don't need to wear a tinfoil hat. Or worry about hypothetical nightmare scenarios.
What makes you think they are lying?
Our view on the downsides of technology might be biased because we are (often, unless you're a moderator or a victim) sheltered from them[1].
[1] http://www.theverge.com/2016/4/13/11387934/internet-moderato...
Edit: grammar
They lied about persecution of gays and sex workers. The article was about a small group created to raise awareness about face recognition by trying to identify porn actresses, before closing entirely. Hardly a nightmare made real.
I'm also not sure how YouTube mods from 10+ years ago are relevant in a discussion about tech advancement. If anything, the automation of child porn detection since is proof that technology keeps up and prevents nightmare scenarios.
For your point about face recognition, this art project may be of interest to you: https://cvdazzle.com/
A very interesting idea that email privacy might realistically turn into a steganography problem - how do you make it so the real content is indistinguishable from fake content, and given that this is imperfect, make it so that all but the most sophisticated attackers wouldn't be able to tell that a hidden message even exists?
That sounds a lot like security by obscurity, one blog post later and the world can distinguish the two.
Cvdazzle is unlikey to be the answer, it's just today's CAPTCHA to slow down face recognition, tomorrow's recognition will cut through that
We need a more radical solution to devalue our private information. Consider by analogy cell phones: IMEI blacklists (in theory) fundamentally devalue stealing phones. What can we do that fundamentally makes assembling troves of personal information useless? Poisoning it with plausible garbage might be part of the answer. Also the answer /might/ be regulatory. HIPAA has teeth, we could add something else with teeth. Or perhaps an insurance-driven approach: if holding personal information was a big liability in the event of a leak, it would be prudent to keep as little as possible.
Not at all. People can opt-in and send their own photos, holding that data would be kosher. Holding photos of those who did not opt in, or those who explicitly opted out, would be where the liability comes in.
If we can penalize people for possessing some kinds of data (pirated software, movies, etc) in the name of defending someone else's copyright, or for not decrypting things, it can also be done in defence of personal privacy.
Or perhaps it would result in only the companies that need that data actually holding it, and doing so with care. I would love to see a big nasty liability poison pill attached to PII
You don't need to drop Facebook -- just turn privacy settings so that your face can't be identified publicly or beyond 1 degree of connection. People should know how to do at least that.
Your main profile picture is always public, as is your cover photo, so you will have to use a picture that doesn't identify you, which may be confusing to your friends.
The thing is, under a certain age everyone is doing it. When this current teenage generation grows up and gets into leadership positions - especially politics, they are all going to have their entire upbringing exposed for the whole nation to see.
The few that haven't will be viewed with cynicism and will most likely not be accepted by the population.
The population will be voting for their leaders based on how they were brought up.
It is going to be quite an interesting social phenomenon to witness.
That's a good point. But the only generation that's going to be affected is the facebook generation.The current teenage gen will just stick to whatsapp/kik conversations or snapchat and won't advertise themselves like fb gen did.
In that case analyze the photos sent on snapchat or whatever network is cool today. The problem is not only photos posted publicly (though it's most visible there).
> When this current teenage generation grows up and gets into leadership positions - especially politics, they are all going to have their entire upbringing exposed for the whole nation to see.
But that whole generation will be in the same situation. Everyone will have had to deal with it; embarassing/compromising college-era party photos will just be a thing that nearly everyone has dealt with.
Decades ago, having had an abortion or a child out of wedlock was a mortal social sin. Today, it doesn't matter.
This is an unbelievably ridiculous argument, the government has data on almost entire population thanks to all sort of identification cards and other innumerable sources of data. Why should corporations and other people be denied the same access & privilege.
You are spreading pure FUD, out of ignorance and misplaced sense of paternalism. The reality is that most people correctly understand the trade-off between privacy and utility. That's why they share information on social networks. They are not paranoid running around fearing government conspiracy theories. They just want to enjoy their short lives.
>> So what you're saying is, just because our governments collect everything, everybody else should be allowed to do it too, or stop worrying?
Yes, Strong corporations and public rights, are necessary to ensure, that government does not becomes too powerful. And there is at least some balance of power.
>> The fight for privacy is not for us, it's for generations to come.
Please define "us"?
"us" or "people" or "generations" are rhetorical devices, with little basis in reality. The romantic notion of "people" quickly disappears when those people either organize into corporations or political parties. At certain level Corporations & Governments are people, or aggregate expression of will of the people. The economies of scale necessitates strong corporations which can protect "people" from government and vice versa.
By that i mean, that our decisions today, will effect everything that follows.
If we educate people that privacy is a privilege, they might not do things (sharing personal information) in the future, that they would otherwise do.
And i'm not talking about world-changing stuff here, it's the little things, like sharing very personal information on social media, like my party picture example from above.
The problem is, most people don't understand the implecations of their doing. And that's why we, who understand those issues, need to educate them.
Another thing is, social media is sold as this warm and cozy place where all your friends are. But in reality, you share your information with big corporations that want to make money (which is totally fine, they provide a service).
People just need to understand, that social media is not a private and social environemnt, it's a tool, provided by a company that has (in most ways) no interest in your personal privacy.
> Yes, Strong corporations and public rights, are necessary to ensure, that government does not becomes too powerful. And there is at least some balance of power.
Are you suggesting here that corporations are a meaningful brake on state power?
Given that corporations are a legal fiction only made possible by the state institutions of law, currency, markets, international treaties, trade, and war, I don't see how this assertion can be supported; the origin, future, incentives, and fortunes of states and corporations have always been inextricably linked.
'Anarcho-capitalist' and libertarians solutions for non-state corporations have always appeared to me to be shallow hand-waving (speaking as a former anarcho-capitalist and hand-waver myself).
> Strong corporations and public rights, are necessary to ensure, that government does not becomes too powerful
Corporations are an exercise of government power; their strength isn't a safeguard against government power, it is government power.
So the real message here seems to be that exercises of government power that disproportionately favor a certain narrow elite are seen as necessary to prevent government exercising power in ways that benefit other groups.
You do realize the irony in your argument, considering its the Russian government which has probably the worst track record in recent times when it comes to a corrupt government abusing its power.
What you are essentially saying is that [1] this is bad but a government having a similar tool is fine.
I never said the government having it is fine. But the fact that it does doesn't mean you shouldn't be concerned about corporations and private people having it. And I certainly did not mention the Russian government.
>Why should corporations and other people be denied the same access & privilege.
Should we be offering that access and privilege to governments? Assuming that we should, your argument seems to be that it's "unfair" not to offer the same to businesses? Bizarre. Perhaps you can clarify.
>The reality is that most people correctly understand the trade-off between privacy and utility.
I would argue against that. However, even if "only" something like 20-30% of people don't understand the trade-off, that's a huge problem. Additionally, those who understand the trade-off that they are personally making in the present may not be giving thought to problems it will have for them personally in the future (the argument of the commenter you are responding to), or problems access to huge amounts of data causes in society right now or in the future.
>> Should we be offering that access and privilege to governments?
They already have it.
>> your argument seems to be that it's "unfair" not to offer the same to businesses? Bizarre.
In Sorrell vs IMS Health (2011) Supreme Court ruled 6-3 in favor IMS Health, that Commercial Speech was protected under First Amendment. This case is particularly relevant since IMS Health counsel successfully argued that Government could use Prescription data to market cheap generics to physicians however Pharmaceutical companies were prohibited from using the same information. The judges decided that this was unfair and amounted to restriction of commercial speech.
And few days ago the US Supreme Court in 6-2 decision in Spokeo inc. vs Robins ruled that there has to be a concrete evidence of harm/injury before data brokers can be sued.
So regarding my reasoning being Bizarre I think not.
Whether the government already has data is immaterial when the question is whether they "should" have it from a moral or philosophical standpoint, which is the context I'm assuming we're working within. The legality of their having it certainly has questionable constitutionality.
In Sorrell vs IMS Health, the issue does not seem to be whether government and private companies could use the same data to market pharmaceuticals, but whether pharmacies could sell prescription data without doctors' consent. "Fairness" to companies using the same data as government appears to have nothing to do with it. You missed a period at the end of your link, so I added it in mine below.
If we ignore that and assume your interpretation is correct, your conclusion that private individuals and organizations are privy to the exact same personal information that all government organizations may have is definitely not the conclusion that outcome would point towards and is still, indeed, a bizarre belief.
As to your final argument, who is talking about suing companies? If you're responding directly to something I said, the logic to connect it to your response is unclear at best.
As long as everyone has access to the data that's fair. What happens in practice though is that only a few actors with large resources do, thereby giving them even more power.
Two approaches to stave off the inevitable come to mind:
1. Do whatever it takes to be "behind the curtain" and one of the people who is in a position to do the exploiting, rather than being exploited. (It's up to you what you do with that power.)
2. The opposite of signal is noise. The same hackers who build these Big Brother tools will inevitably build the tools that flood Big Brother with noise. Disinformation campaigns will always be capable of re-training the surveillance machine.
For me the trick seems to be to get people to treat the net as if it was downtown during high noon.
Just because you are sitting there typing in your undies do not mean that what you post has the same privacy.
Also the worrying bit is not so much the data, as the actions taken on their basis.
Denying someone a job because they have a few photos of them enjoying a colorful drink is just the tip of the iceberg.
What about the day a kill shot is approved because the computer says the face is above a certain likelihood of being some big bad terrorist? At 70% there is still a 1 in 4 chance of being wrong.
Employers routinely subject applicants to personality tests, IQ tests, fitness tests for jobs that have nothing to do with manual labor (essentially age/gender discrimination), background checks, credit checks even when the job doesn't involve handling money, and yes, looking them up on social media. Do people really want to work for these places? Yes, because they need to pay their rent, and don't have the nestegg of a well-paid Silicon Valley software developer, or recruiters chasing them to offer them work.
The sense of free will is an illusion of physics and consciousness; choices are made by quasi-deterministic electrochemical processes before our conscious minds are ever aware of them.
> Even today it's no problem to analyze the Facebook picture of some random person and calculate a chance of that person being an alcoholic in X years based on the number of party pictures they share.
The problem is not that this calculation exists, but that people so easily misinterpret it. It doesn't mean "Person with these photos has a 65% chance of being an alcoholic in 5 years", what it REALLY means is "65% of the people with these photos became an alcoholic in 5 years".
That is a HUGE difference. For the remaining 35% there is perhaps some additional factor not included in the existence of the photos that guarantees there is a 0% chance of them ever becoming an alcoholic. When you try to apply general statistics about a large population to a single individual, it's not as simple as just saying "65% of the time this person will become an alcoholic". That's ridiculous anyway, because the person will only live one life, one time.
The calculation is useful from a marketing perspective. If I decide to advertise alcoholism treatments to these people in five years' time, I'll have a lot more success then if I'd just picked people at random to advertise to.
This distinction seems relevant only if you target one person, which seems pretty rare. In reality you're going to use this metric on a pool of people, in which case 65% of them would become an alcoholic in 5 years.
It becomes a problem when it's used for profiling, such as "Don't hire that person, there's a 65% chance they'll be an alcoholic" or "send a drone to kill that person, there's an 80% chance they're a terrorist"
I agree that it's a problem, but your distinction still seems generally pointless. If you have a company policy to not hire alcoholics and you reject 1,000 people based upon this metric then 65% would have been an alcoholic.
Now aggressively poll the new images with GPS location from Instagram/Twitter/Facebook, identify every face in sight, and build a realtime map of everyone everywhere!
(Actually for a lot of shots you could probably get by without the GPS location by recognizing some landmarks in the background)
>> "Actually for a lot of shots you could probably get by without the GPS location by recognizing some landmarks in the background"
Yes, this is already being done.
EDIT: Curious, why this is getting downvotes, any thought on why?
EDIT-2: Here's an example, though the general gist is you grab millions of photos with geo-location meta data, then train against this to ID the location of photos without the location meta-data:
Because the comment suggests, without offering any evidence, that there is a coordinated or automated large-scale effort underway to carry out the previous comment's plan.
It may be because you are simply stating that it is being done without any references to actual projects which might back up and add some value to your statement.
I wonder how effective systems like https://cvdazzle.com/ are against this. Will we all be putting on masks or face-paint in the future when we go outside?
You would need to somehow convince the population that looks are no longer important, or that somehow looking like you were a member of the band Kiss is now a popular look. It's not impossible, fashion changes all the time.
~10 years ago I was at Disneyland and saw this family all decked out in really elaborate face paint. At the time I thought "How cool!" Then several months later I realized it was Heidi Klum and Seal after I saw them on the cover of a supermarket tabloid. Granted, the face paint was probably to disguise themselves from the paparazzi and autograph requests rather than AI facial recognition. But perhaps prescient nonetheless.
Whenever I see some of these 'countermeasures' I usually run them through some high end commercial face recognition algorithms I have access to. In many of the cases the countermeasures are completely ineffective. They may fool some things like opencv DIY algorithms, but not the expensive stuff :). For those the most effective strategy is to just tilt your head to the left or right a lot, though that will possibly give you a sore neck and you'll definitely look silly.
just shave off your eyebrows, or makeup to make them appear gone. Most (nearly all) facial feature finders expect eyebrows of some kind. (I work in facial recognition.)
If this app can do it with 70% accuracy, then Google, Facebook, and Microsoft's tech (which may not be currently used for this) can probably do it with 90%+ accuracy.
It's likely using a nearest neighbor or tree search; it might take a billion instructions to process a single photo and another billion to do the nearest neighbor search.
The accuracy is not 70%. The percentage of times it is able to match a face to a social media profile, given the person has a profile, is 70%. You can't compare apples-to-apples with the results in Google's FaceNet.
It sounds that this would be a great tool for street scammers. At least the performance of the malevolent fortune tellers should be improved considerably. Find a gullible mark, research their life a bit and then perform the act.
Technology increasingly exposes the superficial nature of concepts like privacy and security. In nature, these things simply do not exist. They are also completely non-essential to human well-being. Our emotional attachment to such concepts is not doing us any favours.
Also, you can't be rooting for transparency AND privacy at the same time. You have to give up on one of these, and when you think about it, you have to conclude that the losing idea is that of "privacy".
My full name and address are already publicly available in countless places, if you had any legitimate interest you should have been able to find them in less time than it took you to write that comment. Btw., so are yours.
Sure I don't pretend that that mine are no accessible but this is most of the time a conscious choice. I still have privacy but I just choose what information I make public.
Also for example my address is probably nowhere public because I didn't choose to publish it.
All I'm saying is, sure, privacy is comfortable and we are fond of it and we all have our insecurities, BUT... it's going away, whether we like that or not. And really, it never actually did exist. But that's okay because we should still be able to get along just fine without it (to the extent that any people on Earth ever did get along...) Moreover, I feel that we would actually be better off and able to move forward faster by giving up on concepts like privacy and security.
I disagree, I think you can strike a balance between privacy and transparency. Sometimes they strengthen each other. I am from Norway, and I've lived in the US, and I would say that in many cases both privacy and transparency is stronger in Norway. E.g. in the US my credit history is inaccessible to me. I don't know who is accessing it. Yet this information is shared willy nilly with other businesses. So there is neither transparency on its usage nor privacy for me.
In contrasts in Norway, by law, it is far more restricted what the credit card companies can record about me. Whenever somebody requests information about me, by law I have to be sent exactly the same information. This provides both increased privacy and transparency. I get to know who is trying to find out stuff about me, and I got control over what sort of information is shared about me. If what is being sent out looks wrong I can contact the credit card companies and inform them about that.
Likewise you can look up anybody's tax returns in Norway. You can't look at the details however. But it is a great tool for transparency in that it allows you to check if e.g. government officials or others have way more income than they should be having. However whenever you request this information, people having those tax returns will be informed that you requested that information. This helps protect your privacy as you can't look at the neighbors tax returns without looking rather stupid and nosy.
a) Even if all information about every person is publicly accessible, none of us will know everything about all of us (Us being humanity). Some things about some people would be known by more people. For example, more people would know that the president is the president than whether I got a haircut any given day. Indeed, more people would know that the president exists than would know that I exist. There is a limited amount of attention, and not enough to give attention to everything, so some things must have more attention on them than others.
b) Negative attention can harm someone. Harassment hurts.
c) having information about someone can make it easier to focus the attention of others on that person, including negative attention. This is true even when the people whose attention is in question already could have accessed the information beforehand, but haven't. Perhaps even especially true.
Conclusion) Having all information available about all persons makes it easier for those who can direct people's attention to direct negative attention against those who they wish to do so against, and therefore increases their ability to harm those people, and therefore increases their power over them.
So a total lack of privacy makes those with power over attention more powerful.
With all the data being collected, has anyone been able to use it to defend themselves based on location and time recorded? I tend to think that if we're recording all of it, it ought to be immutable and sealed so that one can at least use it as evidence, but the cynic in me thinks this isn't something the governing powers have any interest in allowing.
I think if (more likely, when) we get to the point where people can have an alibi in this way, it will quickly turn sour. When you're accused of a crime and you can't be located during that time, it'll be used to make you look guilty—not just neutral.
My primary concern is who records and stores the data and how trustworthy it is. If a judge reasonably just believes a printout from law_inquiry@facebook.com, how am I able to prove the data is wrong? Therefore, we need standards and tamper proof records just as they are created on a device or even on servers. It's funny that so much of our ability to live a somewhat free life without getting locked up depends on cryptography.
> The algorithm comes from Moscow-based NTechLab, which recently boasted it bested Google’s recognition software at MegaFace, a technical challenge hosted by the University of Washington.
It's a bit baffling to me why University of Washington was trying to accelerate this capability. I'm all for pure academia, but this is just fingerprinting someone's face. The real tech is in being able to map a face from a 2D image, so why not make the contest about that?
Theoretically can't Facebook can create a similar app with about 99% accuracy?
On a tangential note, privacy is going to have interesting connotations as we build wearables and work to forget different ways of socially connecting them.
This is just one of many indicators that Edward Snowden is right about the importance of privacy in this day and age. With so much of our lives online, and the ability of technology to interpret that information, allowing spying agencies free pass to all your online data, is the equivalent of making it legal for them to install camera's in every room in your house and office.
There needs to be strong privacy rules and transparency on what degree spying agencies access data about random citizens.
We can not leave it completely to technology to solve this issue for us because regular users will never have the competency to understand how to secure their digital presence.
I agree with you .. but, the first thing that comes to mind is comparing the futility of staying private with the futility of stopping piracy.
Most tech people seem to believe piracy (music, video) is effectively unstoppable. What makes the end of privacy any different?
Of course I want privacy. For current sized cameras I'm pretty sure none are on (not 100% sure though) but as they get smaller and cheaper and people post more and more photos and eventually livecast their lives or at least large chunks of it (it seems like coming eventually whether we want it to or not), how will we stop the end of privacy anymore than we can stop piracy?
If this will be a problem and it's getting abused it will be illegal. It's also illegal to clone a human from your hairs.
I don't get it. I can also search in a phone book for names or i can contact goverment help to find. The problem is what happens after you got the information and this is regulated in laws.
If your data is not on the internet it doesn't mean you are invisible.
Ok, it seems this step is done. Face recognition, check. What's next? Does somebody knows the state of voice recognition (in the sense of ID'ing someone by his/her voice)?
153 comments
[ 2.9 ms ] story [ 178 ms ] threadThen one day last year he attended an open-day about retraining IT professionals as teachers. He didn't read the small print closely enough and photos taken at the event were published and studiously tagged by the event organisers. There he was, bubbling up on Google Images.
Subsequently he contacted the organisers and they did remove the tagging, but it was purely by chance that he had discovered it.
Btw, Snowden is about illegal mass surveillance by the government (in collaboration with tech corporations). The app mentioned in the article however only connects publicly and legally available data (the consumer's fault).
I doubt that. No one prevents someone tagging me on Facebook even if I don't have a Facebook account. Now Facebook knows my name and the corresponding face without me ever using Facebook.
Anyone with your photo can associate it with your name on Facebook even if you don't use it.
- If you're a professional, someone is providing a way for your customers to audit interactions with you
- If you're a driver, someone is tracking your car's movements
- If you buy products, someone is tracking you bought them
- If you ever communicate online, someone has logged that communication
- If you're ever seen in public, someone can tag your face
... and after all this, if you piss an individual off enough, that individual can create a pastebin and drop as much of your personal info on there as they care to.
We're already past the event horizon of private (easily-gleaned) information staying private; it's time to re-organize the solution space around the assumption that the information is public.
But this is along much of the same lines, in that it shows how technology enables ways of invading your privacy that you might not have thought of.
Much of the NSA invasion of our privacy is about the capabilities they get through technology. With just a bunch of dead data, it would not nearly be as chilling as when Snowden explains how they can perform sophisticated searches through all data stored about you.
If you'd tell them, that you can take a picture of a random person and search that picture out of a pool of people and get their contact info (as a private company / random programmer with enough data), they won't believe you or tell you that something like this is only possible in movies.
Even today it's no problem to analyze the Facebook picture of some random person and calculate a chance of that person being an alcoholic in X years based on the number of party pictures they share.
Before sharing personal information online, people should not ask themselves what could be done with that data now, but what is possible with that data in the future.
If Facebook is going out of business (just as a thought), their data has a lot of value. Don't think that they will delete everything. It will go to the highest bidder!
I'm beginning to believe that the answer is to simply devalue all that information. We can do it in some contexts on the technical side, for example, rotating passwords devalues stolen credentials, virtual credit cards, random MAC for wireless scanning, etc.
So how far can we push this? If you got into my email, but 90% of the messages there were generated by AI and 10% are legit, can you accurately profile me?
To get a little more on topic, how close do you think we are to 3D printers that can print a mask of your face? Once that happens, will the value of these "face recognisers" drop off a bit?
Some people go crazy and share everything, but more and more people share less[^1] and if they share something, it's only something that holds together their "clean image".
1: http://www.theverge.com/2016/4/7/11387604/facebook-personal-...
I get that this is a radical view on HN, but when topics like this come up, it's always slippery slopes and fantastic nightmare scenarios (like 3D printing your face). I feel like we're in the 1980's debating over how to handle traffic laws for our flying cars in 2010 just because someone built one.
It already is a nightmare scenario for some [1]. How bad should we let things get before we try to fix them?
[1] https://news.ycombinator.com/item?id=11721600
If you read the article, you would see that they are lying about what happened. Even your question, based on incorrect information, is implying a slippery slope.
The PRISM dark fiber exploit has since been blocked by most tech companies, and honestly, you're more likely to be negatively affected by slipping in your shower or a car accident. Doesn't mean don't be aware, it just means you don't need to wear a tinfoil hat. Or worry about hypothetical nightmare scenarios.
I'm also not sure how YouTube mods from 10+ years ago are relevant in a discussion about tech advancement. If anything, the automation of child porn detection since is proof that technology keeps up and prevents nightmare scenarios.
Also, why create the new account to question?
A very interesting idea that email privacy might realistically turn into a steganography problem - how do you make it so the real content is indistinguishable from fake content, and given that this is imperfect, make it so that all but the most sophisticated attackers wouldn't be able to tell that a hidden message even exists?
Cvdazzle is unlikey to be the answer, it's just today's CAPTCHA to slow down face recognition, tomorrow's recognition will cut through that
We need a more radical solution to devalue our private information. Consider by analogy cell phones: IMEI blacklists (in theory) fundamentally devalue stealing phones. What can we do that fundamentally makes assembling troves of personal information useless? Poisoning it with plausible garbage might be part of the answer. Also the answer /might/ be regulatory. HIPAA has teeth, we could add something else with teeth. Or perhaps an insurance-driven approach: if holding personal information was a big liability in the event of a leak, it would be prudent to keep as little as possible.
But this kills the social network, and the cloud photo app, and a lot of other businesses.
edit: nevermind, I think I misunderstood the suggestion. kardos's reply makes a lot of sense.
If we can penalize people for possessing some kinds of data (pirated software, movies, etc) in the name of defending someone else's copyright, or for not decrypting things, it can also be done in defence of personal privacy.
Or perhaps it would result in only the companies that need that data actually holding it, and doing so with care. I would love to see a big nasty liability poison pill attached to PII
The few that haven't will be viewed with cynicism and will most likely not be accepted by the population.
The population will be voting for their leaders based on how they were brought up.
It is going to be quite an interesting social phenomenon to witness.
I don't believe that it has a huge impact on voters.
But that whole generation will be in the same situation. Everyone will have had to deal with it; embarassing/compromising college-era party photos will just be a thing that nearly everyone has dealt with.
Decades ago, having had an abortion or a child out of wedlock was a mortal social sin. Today, it doesn't matter.
You are spreading pure FUD, out of ignorance and misplaced sense of paternalism. The reality is that most people correctly understand the trade-off between privacy and utility. That's why they share information on social networks. They are not paranoid running around fearing government conspiracy theories. They just want to enjoy their short lives.
The fight for privacy is not for us, it's for generations to come.
Yes, Strong corporations and public rights, are necessary to ensure, that government does not becomes too powerful. And there is at least some balance of power.
>> The fight for privacy is not for us, it's for generations to come.
Please define "us"?
"us" or "people" or "generations" are rhetorical devices, with little basis in reality. The romantic notion of "people" quickly disappears when those people either organize into corporations or political parties. At certain level Corporations & Governments are people, or aggregate expression of will of the people. The economies of scale necessitates strong corporations which can protect "people" from government and vice versa.
If we educate people that privacy is a privilege, they might not do things (sharing personal information) in the future, that they would otherwise do.
And i'm not talking about world-changing stuff here, it's the little things, like sharing very personal information on social media, like my party picture example from above.
The problem is, most people don't understand the implecations of their doing. And that's why we, who understand those issues, need to educate them.
Another thing is, social media is sold as this warm and cozy place where all your friends are. But in reality, you share your information with big corporations that want to make money (which is totally fine, they provide a service).
People just need to understand, that social media is not a private and social environemnt, it's a tool, provided by a company that has (in most ways) no interest in your personal privacy.
Are you suggesting here that corporations are a meaningful brake on state power?
Given that corporations are a legal fiction only made possible by the state institutions of law, currency, markets, international treaties, trade, and war, I don't see how this assertion can be supported; the origin, future, incentives, and fortunes of states and corporations have always been inextricably linked.
'Anarcho-capitalist' and libertarians solutions for non-state corporations have always appeared to me to be shallow hand-waving (speaking as a former anarcho-capitalist and hand-waver myself).
Corporations are an exercise of government power; their strength isn't a safeguard against government power, it is government power.
So the real message here seems to be that exercises of government power that disproportionately favor a certain narrow elite are seen as necessary to prevent government exercising power in ways that benefit other groups.
http://magarshak.com/blog/?p=169
What you are essentially saying is that [1] this is bad but a government having a similar tool is fine.
[1] https://en.wikipedia.org/wiki/Human_flesh_search_engine
Should we be offering that access and privilege to governments? Assuming that we should, your argument seems to be that it's "unfair" not to offer the same to businesses? Bizarre. Perhaps you can clarify.
>The reality is that most people correctly understand the trade-off between privacy and utility.
I would argue against that. However, even if "only" something like 20-30% of people don't understand the trade-off, that's a huge problem. Additionally, those who understand the trade-off that they are personally making in the present may not be giving thought to problems it will have for them personally in the future (the argument of the commenter you are responding to), or problems access to huge amounts of data causes in society right now or in the future.
They already have it.
>> your argument seems to be that it's "unfair" not to offer the same to businesses? Bizarre.
In Sorrell vs IMS Health (2011) Supreme Court ruled 6-3 in favor IMS Health, that Commercial Speech was protected under First Amendment. This case is particularly relevant since IMS Health counsel successfully argued that Government could use Prescription data to market cheap generics to physicians however Pharmaceutical companies were prohibited from using the same information. The judges decided that this was unfair and amounted to restriction of commercial speech.
And few days ago the US Supreme Court in 6-2 decision in Spokeo inc. vs Robins ruled that there has to be a concrete evidence of harm/injury before data brokers can be sued.
So regarding my reasoning being Bizarre I think not.
https://en.wikipedia.org/wiki/Sorrell_v._IMS_Health_Inc
http://www.scotusblog.com/case-files/cases/spokeo-inc-v-robi...
http://fortune.com/2016/05/16/supreme-court-spokeo-decision/
In Sorrell vs IMS Health, the issue does not seem to be whether government and private companies could use the same data to market pharmaceuticals, but whether pharmacies could sell prescription data without doctors' consent. "Fairness" to companies using the same data as government appears to have nothing to do with it. You missed a period at the end of your link, so I added it in mine below.
If we ignore that and assume your interpretation is correct, your conclusion that private individuals and organizations are privy to the exact same personal information that all government organizations may have is definitely not the conclusion that outcome would point towards and is still, indeed, a bizarre belief.
As to your final argument, who is talking about suing companies? If you're responding directly to something I said, the logic to connect it to your response is unclear at best.
https://en.wikipedia.org/wiki/Sorrell_v._IMS_Health_Inc.
Why should I be denied the option to keep my personal information private from said corporations/people?
1. Do whatever it takes to be "behind the curtain" and one of the people who is in a position to do the exploiting, rather than being exploited. (It's up to you what you do with that power.)
2. The opposite of signal is noise. The same hackers who build these Big Brother tools will inevitably build the tools that flood Big Brother with noise. Disinformation campaigns will always be capable of re-training the surveillance machine.
Just because you are sitting there typing in your undies do not mean that what you post has the same privacy.
Also the worrying bit is not so much the data, as the actions taken on their basis.
Denying someone a job because they have a few photos of them enjoying a colorful drink is just the tip of the iceberg.
What about the day a kill shot is approved because the computer says the face is above a certain likelihood of being some big bad terrorist? At 70% there is still a 1 in 4 chance of being wrong.
http://www.nybooks.com/daily/2014/05/10/we-kill-people-based...
The problem is not that this calculation exists, but that people so easily misinterpret it. It doesn't mean "Person with these photos has a 65% chance of being an alcoholic in 5 years", what it REALLY means is "65% of the people with these photos became an alcoholic in 5 years".
That is a HUGE difference. For the remaining 35% there is perhaps some additional factor not included in the existence of the photos that guarantees there is a 0% chance of them ever becoming an alcoholic. When you try to apply general statistics about a large population to a single individual, it's not as simple as just saying "65% of the time this person will become an alcoholic". That's ridiculous anyway, because the person will only live one life, one time.
(Actually for a lot of shots you could probably get by without the GPS location by recognizing some landmarks in the background)
Yes, this is already being done.
EDIT: Curious, why this is getting downvotes, any thought on why?
EDIT-2: Here's an example, though the general gist is you grab millions of photos with geo-location meta data, then train against this to ID the location of photos without the location meta-data:
http://www.theverge.com/2016/2/25/11112594/google-new-deep-l...
Does anyone knows what they are using for face matching? their results sounds excellent.
http://www.prnewswire.com/news-releases/russian-startup-n-te...
http://ntechlab.com/
http://megaface.cs.washington.edu/
HN discussion:
https://news.ycombinator.com/item?id=11491264
One of the incidents https://globalvoices.org/2016/04/22/facial-recognition-servi...
http://media2.popsugar-assets.com/files/upl0/0/88/08_2008/08...
That seems like an trivially simple thing to defeat from a code perspective.
With Intel Core i7 5960X (238,310 MIPS at 3.0 GHz), it only takes 238 instructions for a photo?
Here is the paper for the reference: http://arxiv.org/pdf/1503.03832v3.pdf
Also 70% accuracy is like really really bad.
Here are results from MegaFace Challenge, which involved identifying face in presence of Million distractors:
http://megaface.cs.washington.edu/results/fgnetresults.html
http://megaface.cs.washington.edu/results/facescrubresults.h...
https://en.wikipedia.org/wiki/Fortune_telling_fraud
Also, you can't be rooting for transparency AND privacy at the same time. You have to give up on one of these, and when you think about it, you have to conclude that the losing idea is that of "privacy".
> Please don't bait other users by inviting them to downvote you or announce that you expect to get downvoted.
Consider the guidelines regarding worthwhile contributions next time, please. :)
[1] https://news.ycombinator.com/newsguidelines.html
Providing the information publicly shouldn't be an issue since you don't believe in the concept of privacy.
Also for example my address is probably nowhere public because I didn't choose to publish it.
Should banks get rid of vaults and stack money on the street curbs?
In contrasts in Norway, by law, it is far more restricted what the credit card companies can record about me. Whenever somebody requests information about me, by law I have to be sent exactly the same information. This provides both increased privacy and transparency. I get to know who is trying to find out stuff about me, and I got control over what sort of information is shared about me. If what is being sent out looks wrong I can contact the credit card companies and inform them about that.
Likewise you can look up anybody's tax returns in Norway. You can't look at the details however. But it is a great tool for transparency in that it allows you to check if e.g. government officials or others have way more income than they should be having. However whenever you request this information, people having those tax returns will be informed that you requested that information. This helps protect your privacy as you can't look at the neighbors tax returns without looking rather stupid and nosy.
a) Even if all information about every person is publicly accessible, none of us will know everything about all of us (Us being humanity). Some things about some people would be known by more people. For example, more people would know that the president is the president than whether I got a haircut any given day. Indeed, more people would know that the president exists than would know that I exist. There is a limited amount of attention, and not enough to give attention to everything, so some things must have more attention on them than others.
b) Negative attention can harm someone. Harassment hurts.
c) having information about someone can make it easier to focus the attention of others on that person, including negative attention. This is true even when the people whose attention is in question already could have accessed the information beforehand, but haven't. Perhaps even especially true.
Conclusion) Having all information available about all persons makes it easier for those who can direct people's attention to direct negative attention against those who they wish to do so against, and therefore increases their ability to harm those people, and therefore increases their power over them.
So a total lack of privacy makes those with power over attention more powerful.
It's a bit baffling to me why University of Washington was trying to accelerate this capability. I'm all for pure academia, but this is just fingerprinting someone's face. The real tech is in being able to map a face from a 2D image, so why not make the contest about that?
Tell me more about this distinction between real tech and not real tech!
On a tangential note, privacy is going to have interesting connotations as we build wearables and work to forget different ways of socially connecting them.
There needs to be strong privacy rules and transparency on what degree spying agencies access data about random citizens.
We can not leave it completely to technology to solve this issue for us because regular users will never have the competency to understand how to secure their digital presence.
Most tech people seem to believe piracy (music, video) is effectively unstoppable. What makes the end of privacy any different?
Of course I want privacy. For current sized cameras I'm pretty sure none are on (not 100% sure though) but as they get smaller and cheaper and people post more and more photos and eventually livecast their lives or at least large chunks of it (it seems like coming eventually whether we want it to or not), how will we stop the end of privacy anymore than we can stop piracy?
I don't get it. I can also search in a phone book for names or i can contact goverment help to find. The problem is what happens after you got the information and this is regulated in laws.
If your data is not on the internet it doesn't mean you are invisible.
A customer who uses services of this kind can "prove" they're anywhere in the world at a given time.
Useful for celebrity misdirection, criminal alibis and the like.