34 comments

[ 0.82 ms ] story [ 77.2 ms ] thread
The whole article seems to be a marketing post.

I completely agree that you could build a face recognition system in 60$ or less, however the image match described in the post is unlikely to be the real system results, I've been studying image recognition for a year now and it is almost impossible to train a model without having thousands of images classified somehow (usually by hands). One of the biggest problems in AI is that NN cannot match an object in 2 images if it was taken from different perspective unless R. Madonna was hanging out there for 9 hours to be filmed from different angles to collect enough of photos from camera (not taking into account different image resolutions and camera quality)

Thanks for the article, however, the myth is BUSTED :D

That sounds reasonable but what do you think they're marketing?
depends on nytimes KPIs :D maybe just growing click rates on the article
99% of the stuff you see online is marketing.

Someone want to benefit from your visit.

If they don't try to sell you anything, they want to get traffic so they will create an attractive clickbait title

Well, that’s a conveniently tautological conspiracy theory.
Sure, but that's not that big a barrier.

First, there are some pretty good classified mugshot datasets in existence. FB's, for one.

Second, you can get some mileage out of just matching images to eachother. One or more cameras track an individual to get multiple angles. You may not know the individual's name, but you will know that it's the same person walking past the cameras every day.

Third, you can always target a limited set of faces. Don't casinos use something like this for persona non grata?

The article may very well have exaggerated how easy it is to pull off. However, I would actually take it a step further.

I could build a facial recognition system for $0 using open-source software and freely available camera feeds.

That's the real crux of the article: The data (camera feeds) is out there. The software is out there. Anyone could do this.

Therefore, what are we doing to prevent it, if anything?

You're talking about training data, but (as I understand it) current commercial facial recognition may use learned features but from there it uses traditional biometrics to identify faces. So this criticism doesn't necessarily hold as these biometrics could easily be one-shot.

(Any facial recognition gurus feel free to enlighten me, of course! :)

Right on, for a minute I was wondering if there hasn't been a leap in the efficiency of neural nets that I missed.
Did you read the article? They show the image that was matched of the professor compared to the training image, they are completely different perspectives.
> One of the biggest problems in AI is that NN cannot match an object in 2 images if it was taken from different perspective

I think you've missed the last 5-ish years of NN development. Some of the latest Face2Vec stuff can handle different perspectives pretty well by either building a system that can predict 3D representations of the face from one shot[0] or by just training on two different perspectives of the same face and having the system output the same vector (I've read some work on this but Google is failing me at finding a reference).

If you can recognize people from different angles, computers will eventually be able to do it better than you. Probably already.

[0]https://arxiv.org/pdf/1703.10714.pdf

Bingo. 1) Train an algorithm that given any angle view of a human head, produce a 3D reconstruction of said head. (Depending upon the amount of face visible, the accuracy of the reconstruction increases. 2) Train an algorithm that given a human head geometry, it identifies any deformation due to facial expression and neutralizes that expression. 3) Trivial algorithm: given a human head geometry not facing the camera, rotate that head such that it is facing the camera. 4) render the human head geometry without expression, facing the camera, using the video image source as the texture map for said head. 5) Perform FR.
You've been out of the loop, just look at FaceNet, your face in any orientation for a human to recognise is enough for the software to do so as well. Is already open source & doesn't need any manual tuning after it has been trained, also scales excellently.
The use of the word "legal" in the title seems charged to me. (EDIT: The edited HN title is better now, thanks).

Especially given, from the article:

> In the United States, there are no federal laws that restrict the use of facial recognition.

While "Not illegal" may be more contextually accurate to this article, it means the same as "legal" to me personally.

If you're instead talking about ethics and morals, thats an entirely different discussion.

Unless I'm terribly mistaken, laws generally only describe what's illegal. We don't write laws to tell you what you can do, we write them to tell you what you can't.

So if there's no laws saying you can't do it, it's legal.

rgoulter isn't saying that the title is wrong, he's saying that it's unncessarily charged. By explicitly specifying that this technique for face recognition is legal, it suggests that other techniques are illegal and so something bad (but legal) might have been achieved. But in fact, none of this is illegal; the headline is just clickbait.
Yeah the other sense is "legally sufficient for a standard like official government identification". Now it is just testimonial science - not bad enough to be automatically thrown out for attempting to use as evidence.
Fair enough, I see your point.

But, I'd argue the use of "legal" was to make a real point: We assume this isn't legally possible today, and the article is showing how it is. So I'm not saying you're wrong, simply that I disagree.

I think that they are trying to make the point that there are no laws regulating the use of facial recognition.

My experience is that most Americans think their privacy is protected; that deploying facial recognition software on them would be illegal. It's not. They're stating it so to overcome the public misconception.

What exactly does an "illegal" facial recognition machine look like?
I think it would need to intrinsically commit another crime in the course of operation.

Like some sort of horrific machine which obtains shape information by head crushing and then stating if the now crushed head was recognized. Needless to say there is no reason to do that.

One running in a country where face recognition is illegal?
This would be illegal in the EU under the GDPR which would require positive consent from the individuals monitored (simply walking into a space would not be enough). However, individual countries are allowed to alter this aspect of the Regulation themselves, so effectively countries may now "opt in" to the use of facial recognition in more settings. Quite different from the opt out relationship of the US States.

Source: https://www.lexology.com/library/detail.aspx?g=c0714997-42b1...

So how does that work when I'm in a park taking pictures to share on my public Instagram? Do I need to get a model release from each person that walks into my frame? What defines monitoring?
Article 2: "This Regulation does not apply to the processing of personal data [...] by a natural person in the course of a purely personal or household activity".

The recital associated with that explains it: "This Regulation does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity. Personal or household activities could include correspondence and the holding of addresses, or social networking and online activity undertaken within the context of such activities. However, this Regulation applies to controllers or processors which provide the means for processing personal data for such personal or household activities."

It sounds like GDPR wouldn't require you to get a release...but it might require Instagram to require you to get a release.

The GP's link is helps define it. Apparently on second access it becomes paywalled, but the gist is photos become personal information when "specific technical means" are used to identify individuals.

I think Instagram's suggested tags etc would count, so presumably they'll have to turn that off in the EU.

However, I think your vacay photo snapping is safe because you're an individual. From https://www.itgovernance.eu/blog/en/does-the-gdpr-apply-to-m...

> To fall within the remit of the GDPR, the processing has to be part of an “enterprise”.

As much as this technology is powerful, you can't make it "illegal" to take photos of a public park, and then bring them home and do whatever you want with them at home. That would just be absurd. Banning the software online only isn't really an option, because the knowledge on how the software works is already public. Anyone could rewrite the code on their own (Esp because 300 line neural nets, no libraries used, are still pretty dam good at facial recognition). The real privacy should absolutely be on the data side. There should not be public databases of profiles. If you have a big insta profile or you are a big youtuber, then yeah, you'll be public even through you're not a celebrity. That was choice. Random people should be private. No mugshots should be freely available, and photos of social media profiles should be obscured by default. Or, alternatively, we accept that this is the way things are.
Policing the data should be the way forward. Just like I cannot take your PII and publish it without your consent, it should go also with your dataset of faces. The only trouble I see is what constitutes a face for facial recognition vs a face that is in the background of my Instagram photo?

Take this photo I took of the Manhattan Bridge in Dumbo [1], there are a few faces in that photograph that are quiet prominent. I'm protected in the US because it is in a public place, but in the future would I need to manually blur out the faces of those who do not sign a model release?

1: https://megapickles.photo/2018/06/03/dumbo-washington-street...

Can you really not take PII and publish it without consent? Let’s say you found it somewhere publicly or in some other fashion where a user has not agreed to a privacy policy. I’m not saying you should do that or that it’s morally right, but are there actually legal protections against that outside of Europe?
Not that I know of. As long as what you publish isn't defamatory, there is no law against publishing pii.
How long until we see this as a monetized SaaS? (ed note: that's Stalking as a Service)