81 comments

[ 4.0 ms ] story [ 154 ms ] thread
So now a practical goal of social media is to not post enough pictures that allow training an accurate representation.

Anyone know that if Google/Apple/other private photo storers train on my private photos if they can sell the model to other facial recognition without my specific identity? I suppose a model could accurately identify a photo of prepend without actually saying that who prepend is. So that would allow the selling of data as “de-identified.”

>Anyone know that if Google/Apple/other private photo storers train on my private photos if they can sell the model to other facial recognition without my specific identity?

The better question is probable "who sells facial recognition identities/services and also has users uploading pictures?" Even if Google, FB, whoever, aren't having the photo's department handing their stuff over to the facial recognition department, they're only a minor shift of priorities or management personalities away from that happening.

I’m not a machine learning programmer, but trained models don’t really have identifying information right? So they wouldn’t even need to hand over any photos or PII, only a trained model that now better identifies specific individuals.

What’s really interesting is that any healthcare images can be used without requiring patient permission since training models can be used on a completely HIPAA de-identified image (stripping out any burned in characters, etc).

(comment deleted)
Arguably, if the model can identify me from a picture, then the model IS "indentifying information" (in the most literal sense).

In France, and I believe now in the whole of Europe (GRPD) anyone can ask to remove or correct "identifying information". I wonder if this angle has already been used by someone.

Both in house isn't really necessary - get facial recognition and feed it the others and you have the model you want.

Wouldn't government ID photos already contain the missing link of data for facial recognition without any speculative dot connecting? The DMVs have been /actually/ selling your data for years (as opposed to using it to power their advertising model - a pretty crucial difference as illustrated by this). Of course that also depends on what they are stupid or callous enough to include.

Webcrawling can be a fertile source - find one profile with real name and photo and you have a mapping. A grey area that was more an embarassment or cost of doing business than a company killer for Clearview.

"not post enough pictures that allow training an accurate representation" - well then you just have to post no pictures, and even that won't be sufficient as you're likely to end up in photos that others post, like the original article example of Andres Rafael Viola who was identified because he just happened to be in the corner of the background on someone else's photo.

A few years ago I had a project that among other things needed to detect which politician is in a particular photo, and an accurate representation needed something like 5-6 photos from different angles back then; more pics helped, of course, but you could get quite good results with just a few images even back then. I presume that we're not far from tech where 1 or 2 at most would be sufficient, so if any photos at all exist on social media (e.g. a buddy has taken a group photo and marked you in it from their contact list) then you are or will be linked to your photos.

And IIRC that recognition is quite stable as you age if properly trained, so if there's a ten year old photo floating around somewhere, then that part of your privacy is already gone.

I do believe that ship has sailed. Even if you are "opsec-conscious", your relatives most probably are not.

Example in case, today is my birthday, and my mother in-law has sent me a video collage of pictures with me in them, automatically generated by Apple. Because of course she has entered my birthday into her phone, and has tagged my picture a couple of times.

Funny tidbit, one of the pictures was not me, but my 4-year old son (also blonde, wearing my sunglasses).

>automatically generated by Apple

Actually it was automatically generated by their iOS device, entirely on-device.

Social media are not the only source of good training data, have you seen how many security cameras are in London, for example? Hint: a very very very large number. Or traffic cams pretty much anywhere?
Social media are not the only source of good training data, have you seen how many security cameras are in London, for example?

To be training data it also has to be labelled - security camera footage alone is not a good source of training data, unless it can be correlated e.g. with swipes of an ID card through a door or something, to provide the label.

Anyone know that if Google/Apple/other private photo storers train on my private photos

This is one of the failings of GDPR - if I request a company remove my personal data it should also be required to destroy and re-train any models from scratch that used that data, without mine. I know this would be very expensive but that's the point, it's the only way to get companies to take it seriously.

These are good questions that EVERYONE needs to ask.

What Happens When MY Face Is Tracked Everywhere I Go?

I think it's really important that as many people as possible understand what is happening with Clearview, and everything else. It's important that as many people as possible take some time and understand how all types of tracking work, both on and offline now.

If "we" as a society learn what's going on and shrug, then oh well, Clearview wins I guess. I hope that if everyone knows what's going on "we" will push back with... well I don't know what. Better laws/regulations?

As someone who talks privacy/security quite often, I am still surprised at just how little most people know/care about privacy. Most people, even after they learn a bit about what's going on, just don't care. They'll read this story and come away with "They caught a pedophile, this is a good thing! I have nothing to hide, bring it on." It feels like "we" privacy/security folks are just fighting a losing battle.

I feel the same and it has led me to conclude that this is a situation where things have to get (a lot) worse before they can get better, and only through legislation. I've been thinking about how it seems like we're living in the 50s of smoking except this time it's privacy and social media. Perhaps we can learn something from the tobacco control playbook...
Tobacco control has been a big fail, all that has really happened is that government and tobacco became co-dependent. People are still dying from tobacco related disease (I've lost close family members to this), and the product is sold everywhere. I would hope we do not model anything on "tobacco control".
>Tobacco control has been a big fail

Can you elaborate on this? Short of treating tobacco like heroin, what other measures should the government have taken to curb tobacco use?

"what other measures should the government have taken to curb tobacco use? "

Make people with traces of nicotine in their blood ineligible for free health care. Including emergency care.

Focus their minds.

While I don't think we would disagree that cigarettes are still sold and there are still smokers, the problem is a fraction of what it was. That's not fail at all.
Its taken us 400+ years to get to this point. The science was in on smoking in 1948. It has taken over 70 years to get what progress we have had. That's a lot of lives cut short and a lot of suffering.
Idk, the younger generation see it as filthy and don't go near it for the most part. Seems to have finally paid off.
The younger generation is rapidly cozying up to smoking marijuana.
Do you have some data for that? And I wonder if and how this affects the big problem we have with alcohol abuse at any age.
Finding data for this is a walk in the park (ha ha).
Unfortunately I suspect this is somewhat of a Pandora's box situation. There's only so much legislation can do once this technology becomes commonplace. Even in a hypothetical extreme scenario where facial recognition technology were completely banned the software would still exist and there'd still be databases of people's faces floating around the web. All legislation would do is create a situation where it's "illegal" to use software to identify people from a picture of their face even though just about everybody knows how to do so trivially and secretly.
Harsh penalty and strict enforcement should do quite well. If you want to be a database of private information, the burden is on you to comply with privacy laws. If I assert you have collected my face and stored it illegally in a database (i.e. without my consent), a regulator should be able to quickly follow up for compliance, and if found to be out of compliance, penalty is imposed.

TCPA works really well for call centers, and CAN-SPAM works really well for email marketing platforms. There's no reason a similar piece of legislation for facial recognition could not be passed.

Sure, you can stop legitimate US companies from using your face that way. But what happens when the database isn't hosted in the US, or is distributed anonymously by a peer-to-peer network.

TCPA and CAN-SPAM are hardly what I'd call effective. I still get tons of spam calls and emails.

I'm not saying legislation is a bad idea; just that it's not going to be able to put the genie back in the bottle.

Unlike spam (which can trivially be sent across jurisdictional borders) you can't point a new camera at a San Francisco resident without being in California.
Stream camera to box in other nation running recongiton model.
Sure, there are going to be smaller players, but they won't matter in the grand scheme of things. The FBI, or DOD isn't going to go scouring the crevices of the web and look through various sources, they want one big database that's easy to query, and likewise, a company like Clearwater wants to get big so it can be in a position of power, and of course, $$$.
You severely underestimate the lengths government will go to to end run around prohibitions, and how easily that can be accomplished by a private contractor.
No, not really. I've considered that as well. It's ok if the government does it, there is oversight committees, there's the whole issue of the constitution, and eventually all will be known. Plus things can change. The PATRIOT act could very well be overturned one day. I am not saying shady actors won't get away with some shady stuff for a short while. I care more about private side business being allowed to do this unbounded.
You can also stop legitimate murderers from murdering by enforcing laws against murder.

"It's hard" is not an answer to the question "should this be illegal?". It's a statement that comes later, when the budgets are being made.

What if we gave people copyright over their likenesses? In fact, celebrities already have ownership of their likenesses. I can't sell Leonard Nimoy lunchboxes, for example. Clearview shouldn't be able to sell pictures of me either. If they want to sell my pictures, they should get in touch with me, and we can work out a licensing agreement.

https://collectingtrek.ca/2019/02/03/leonard-nimoy-sued-para...

everybody has an NFT on their likenesses
Then whose copyright takes pecedence, you, or your photographer?

If you leave it up to contract law to answer it, we'll be in the same spot we're in now with a new template clause no one will ever read.

Plus, it doesn't solve the more pressing fundamental issue of Third Party Doctrine giving government an end run around any prohibition of amassing such a system by hiring out the deed to someone unencumbered.

Yours, because the copyright of a photocopy of a book remains with the author.

No, because I don't have any legal relationship with street camera operators. This would not be a panacea for all privacy issues, it would specifically solve ones related to zero-touch trackers.

No, because neither the government nor unencumbered entities can profit by selling works that I own the copyright to, nor can they profit from selling derived works.

I only partially agree with that assertion.

Regulating and restricting the use of facial recognition technology is entails creating civil and criminal liabilities. Such liabilities would make it prohibitively expensive for private initiatives to develop facial recognition products and services.

Such legislation doesn't have to target facial recognition tech directly. In many jurisdictions, existing privacy legislation already puts up barriers. And legal cases involving Clearview are testing these frameworks.

For instance, last year, privacy protection authorities in Canada launched a probe into Clearview and how it holds up legally (february 2020). Clearview subsequently shuttered it's operations in Canda (august 2020).

https://priv.gc.ca/en/opc-news/news-and-announcements/2020/n... https://priv.gc.ca/en/opc-news/news-and-announcements/2020/a...

In Europe, there's the GDPR. Last year, Clearview was hit by a complaint in France. And just last month, february 2021, Hamburg Data Protection Authority ruled that Clearview clearly breaches the GDPR.

https://www.businessinsider.com/clearview-ai-gdpr-complaint-... https://edri.org/our-work/reclaiming-your-face-from-clearvie... https://noyb.eu/en/clearview-ai-deemed-illegal-eu

For sure, legislation and enforcement don't root technology once it's out there. But that's not the point. If you live in a place where you don't have strong privacy rights, you, as an individual citizen, don't have any legal footing to begin with to stop anyone from appropriating your portrait and using that in ways you don't agree with.

Think about this phrase but replace it with other crimes:

> All legislation would do is create a situation where it's "illegal" to [commit some crime] even though just about everybody knows how to do so trivially and secretly.

The list of crimes that fit that description is huge:

- rob a convenience store

- molest a child

- commit insurance fraud

- make a pipe bomb

- ...

We still outlaw those things, even though most people already know how to do them (or could figure it out quickly) because we don't want people doing them routinely and we're willing to force people to stop.

All of these things have negative externalities that are hard to conceal (except maybe the last one - if you never use your creation you'll be fine and the law is unlikely to catch up with you).

The problem with facial recognition software is that it's very easy to conceal its usage. Businesses can use it secretly and then use parallel construction (https://en.wikipedia.org/wiki/Parallel_construction) to explain how they obtained the information that actually originated from facial recognition.

One thing that might motivate lawmakers is if someone starts tracking THEM (with license plate readers, face trackers, camera based heart+breath monitors, Bluetooth/WiFi/Cellular trackers, etc.) and makes the data public. It's currently legal for anyone to do this in the USA as far as I know. Perhaps some cities have laws limiting their police but I don't think they limit the public or corporations. Do talk to a lawyer before making the data public though.

You could do this on a personal level also, use your phones camera and start telling people their heart rate, breathing rate, radio emissions, etc., to raise awareness. Start saying "Hi" to them before they are within site range of you when you detect their phones transmissions. People may start to think you're a creep, but they'll certainly start to recognize that they are at the mercy of creeps. A likely outcome would be a ban on remote sensing during workplace meetings or at the workplace in general which could lead to a nationwide ban eventually. I don't think anyone's boss would like their employees monitoring their heart rate or stress level during meetings or using that to get an advantage over other employees. Or maybe everyone will love it, you could automatically terminate meetings if everyone's stress level gets too high and people may become more forgiving if they find out what raises other peoples stress levels. You can get heart rate from cameras and variability in heart rate is strongly correlated with stress.

Can't these Clearview folks find some other interesting thing to work on? It's not like there is a shortage of technical challenges. Sheesh. Not every market gap needs to be filled.
You seem to be ignoring the large number of people who seem to be interested in a large exit, who will look for ANYTHING a target audience will pay for and do it to scale, because.

And the other group of people who will assist those in power to maintain it, because trickle down.

You can open your original sentence out to "Can't these <insert any potentially harmful project> folks find some other interesting thing to work on?" As long as there is some sort of incentive on the other end, someone will be interested.

In today's economy, engineers can literally choose what they work on. For a decent income, there is no need to work on unethical things. There simply is no excuse.
Not necessarily directed at the parent comment (who seems more at a loss than thinking it's a solution), but calling for laws and regulations to restrain a state that regularly ignores laws and regulations already on the books feels very lazy (slacktivism?) to me, and is all too common a trope on HN. Call me pessimistic but I really don't think that the kind of elites that will use illegal metadata to drone strike their own citizens and their children (among numerous other atrocities) will suddenly behave if we just put a few more of 'The Right Laws and Regulations'™ in this time.

The only answer to the privacy and security question is to be principled enough to do what you can to opt out even if it's difficult. Yes I get it, you don't want to alienate some percentage of your social circle/users/customers. But that attitude contributed to how we got here in the first place. You may be pleasantly surprised how many people will be willing to follow along if you ask them directly and are willing to help them do it. I thanked a friend for getting set up on matrix after I deleted all my other services and he told me "even though I still use whatsapp you have a good reason not to and you know more about this stuff than I do so I'm happy to use element to chat with you". I haven't had a friend that I made a personal appeal to turn me down yet. "I'll create your user on my server. It's nobody's but ours and it runs from my living room" goes a long way, apparently.

My personal roadmap (ymmv):

- Use tech that makes your adversaries job harder. For me this is things like no JavaScript (plain pages in general), FOSS/OSHW, walled gardens, cash/cryptonumismatics, mirror things on RSS/yggdrasil/gemini/alternate dns roots/ipfs. Self host. You get the idea.

- Help others do the same. Cultivate a community. Make topical group chats/forums/pages. Mirror the content of things you would like to see.

- Make your employers do the same, and be willing to say no to things that are counter productive to that goal.

- Regularly make your friends/coworkers/boss confront the idea that they do have something to hide. Ask them to hand you their phone and tell you their password, ask for naked pictures of them/their family, ask them to install a parental control app that gives you their location/microphone/browsing history/etc, ask if you can put some cameras in their house/bedroom/bathroom (bonus points if you bring a camera over).

- Obviously tailor the above to the situation and remind them that they do in fact want privacy. Don't ask a co-worker for naked pictures what is wrong with you?

- People are wrongfully arrested on a regular basis based on minimal evidence. Amplify their stories.

- Rotate usernames regularly.

Anyway that's what I do. It hasn't been nearly as rough of an experience as I thought it would be. Thanks for hearing me out. Welcome to the panopticon, friends.

>The only answer to the privacy and security question is to be principled enough

I like this answer. Maybe this course of action won't be sufficient but I like taking responsibility to do what you can first of all.

Folks here worship the free market and here's a corporation making use of data that is freely provided (but perhaps not used in expected ways), much in the very same way Facebook, Google, what have you, use data that is freely provided to make big bucks.

There is some outcry, but in general, software developers are extremely happy about massive wage increases across the industry, due to companies like Facebook and Google, while crapping on these same companies as often as possible, in web forums where it doesn't really matter at all. It's cathartic but ineffective. Make some vague statement about "the government" should solve this, while also cashing your outsize paycheck and continuing the privacy destroying work at BigCorp Data Scrapers Inc.

So I like the reminder to look in the mirror and remember who exactly is building all this surveillance tech in the first place, and starting the solutions there.

Thanks for the kind response. I kind of expected to get pooped all over for that post. It's not necessarily an easy answer. I left my last cushy job over something most here would consider minor to work for a non-guaranteed income that would be embarrassing for most others in the industry or on this site, but my soul feels much better that now I'm an (albiet insignificant) part of the solution instead of part of the problem. No one snowflake is to blame for the avalanche. On the plus side my work-life balance is far more tilted to the 'life' side of that equation.

The goal over the next few years is to continue to do what I can in all areas of my life. Produce my own food, spend my money as locally as possible. I'm okay if it's not polished for mass consumption or 'regulated' as long as I know who's behind it. I've been buying homemade meals from random strangers on craigslist and Facebook marketplace (my SO hasn't given it up yet, even they haven't posted anything for years). They have been delicious and cheap usually deliver to my house. Unregulated food might scare people, but I've got the runs from grade A inspected places many times over the years so...

Call it what you will. Localism, anti-corporatism, cryptoanarchy, free market, anarcho-capitalism. Labels don't really seem to help much when we're fundamentally all working towards the same end goal. But I think in all cases it's unfair to ask others (including the state) to do something you're unwilling to expend effort attempting yourself because you've given up before you've started.

Be excellent to each other and have a rocking day.

> ask for naked pictures of them/their family

Are you sure about this one?

Context matters. I would recommend using some common sense for this approach. It's probably not a good idea to ask this of your family and coworkers for example. Just explain that you asked the question to illustrate the point that everyone wants privacy to some degree or another. It's a requirement for the human condition. They always say no unless we've already been talking about privacy for a while, in which case they sometimes agree because they see where I'm going with the question and know I won't take them up on the offer. My friends think they are funny, and sometimes they are guilty of it.
If "we" as a society learn what's going on and shrug, then oh well, Clearview wins I guess.

It doesn't matter if we shrug or not. Big business always wins.

One of our best shots at a material change is to elect more people like Ed Markey, Jeff Merkley and Bernie Sanders to congress.

Leaving aside the really obvious political dangers of this, one answer is that we get inundated by creepily well-targeted advertising and propaganda.
Then some of the most polarized political views suddenly swap stances with one another on mask wearing policies like poles switching on a magnet.
My slightly-less-than-half-joking prediction is that COVID era hygenic mask wearing will transition into a privacy mask culture as facial recognition becomes ubiquitous.
Unfortunately facial recognition is not stopped by a mask that covers half your face. https://www.bbc.com/news/technology-55573802
After learning that someone can get your cardiograph with a laser from 100 ft away, I believe the adversarial fight with privacy won't help us nearly as much as fighting for legislation.

Although I do think, as an american, we should rework the second amendment to include things like encryption. And change the 3rd amendment to privacy protection. I'm a little more worried about the people in my devices, than I am housing enemy soldiers at the moment.

You sacrifice too much even if you could attain privacy through your own effort (which I very much doubt). Without laws to protect citizens, privacy is a pipe-dream simply because people aren't willing to give up what comes with giving up their privacy.
The problem is this isn't even about privacy. Courts have always held that you have no right to privacy as soon as you step outside and that is never going to change. News broadcasts and most film making would become impossible if they needed the consent of all people who might incidentally make their way into a frame by walking in front of a camera. And if you go into someone else's business, there's usually a sign right out front telling you that by stepping inside you consent to them monitoring and recording everything you do. The only reason this never used to scare people is there was no practical and scalable way to collate all of these sources of public data into a usable profile that could identify and locate an arbitrary person.

Well, now there is.

How do you fight it? I don't think you can. The obvious answer is don't commit crimes and nobody is going to care enough to try and find you. Unfortunately, law enforcement has never proven particularly trustworthy about only going after actual criminals, so that answer doesn't generalize, but the vast majority of people are very unlikely to ever find themselves the victim of political persecution. What do we do for those who are?

Right to encryption and constitutional amendments for privacy are great and all, but that still means absolutely nothing for a case like this. This technology relied entirely on public data. You're never going to have the right to not be photographed when you go out in public. The paparazzi literally killed a member of the royal family doing this and suffered no consequences for it.

Law enforcement are untrustworthy, bigoted and violent. Some of them are also corrupt.

Laws are written by bigots to oppress people.

Corporations view you as a meat byproduct and your human rights as inconveniences.

All of these problems are global, and IMO, they are the underlying issues of the privacy problem that nobody likes to mention. Because when you strip off the indirections, what people are fighting for is the right to break or ignore laws with impunity - because your line isn't tapped or your face isn't recognised.

Why do we need havens from the law?

Because the law is bad.

I'm not arguing we should abandon privacy. But I'm arguing we need to refocus attention where it belongs, on bad law and bad law enforcement. Or otherwise we will be in a constant game of spy-vs-spy trying to outwit them as we carve out our little havens, and they kick the doors in.

This needs to be signal boosted. The fact that we were able to apprehend a a guy raping 7 year-olds in his basement because he accidentally photo bombed a bodybuilding convention once is great. It's a very good thing that committing crime in the dark and staying hidden forever is the hardest it has ever been.

The entire problem here is that we can't trust law enforcement to only use technology like this for good because we can't trust law enforcement. We can't put this genie back in the bottle. There is no way to conceivably stop the police from scraping completely public sources of information to find you. This service is just scaling and automating the anonymous tip. They're not even grabbing anything private. Facebook and Google sent them cease and desist letters when they found out what they were doing but those couldn't be enforced because you can't keep people from scraping publicly viewable photos.

The only solution to this is trustworthy law enforcement. Which is unfortunately maybe not even a solvable problem, but I don't know what else we could even try to do.

Government and law enforcement needs to be surveilled more than the public. This is the opposite of what seems to be happening.
Still too indirect.

You know what cops do when they're made to wear body cams? Exactly the same thing they were doing anyway, because they have every reasonable expectation they'll get away with it.

How Elites/Law makers are exempted?
What are you pussies afraid of?

Dictatorship and authoritarian regimes are for real men!

Woke culture is weakness - we need strong old white leaders with big police-state penis-power!

Ride my horse naked or go to hell!

What's funny is that the "woke" companies are the ones doing this. The "woke" left is behind a lot of this.
What happens when NYT journalists follow you around and tattle when you say naughty words?
Records vs Tracking :)

So Tracking implies by the definition that something is about you :)

Records implies that there is a sex tape from your past copulation...

:D

Everyone was afraid that someone was watching them, but they are missing the fact that it's is difficult to watch everyone. Even with algorithms, I don't think it's possible.

Essentially, I believe the three letter agencies are pattern oriented when it comes to tracking.

En masse, probably not. But there are plenty of public accounts of how camera networks (or a combo of cameras + lpr) can track individual movements.

If you drive from Miami to Montreal, US CBP or Homeland Security has breadcrumbs of your trip the whole way. Camera tracking is possible and is just a matter of funding.

Are you dismissing the potential for this to be abused because (we assume) the technology doesn't support mass biometric identification surveillance today? If so, you should know that technology has shown a propensity for rapid evolution.
And that is even a worse problem than in=person surveillance.

The more societal functions are automated, the more ways individuals can be effectively screwed and no one in authority can say anything except "well, you were flagged so you must be guilty".

Until we push back against that as well, and then we run right back into the "They came for..." problem.

it's is difficult to watch everyone. Even with algorithms, I don't think it's possible.

It's already happening. The Chicago Police Department doesn't have to have 70,000 people watching its 70,000 cameras. It just has several dozen. The computer decides if something looks (or sounds — some have microphones) suspicious, then routes that video feed to a human to look at.

The problem is that we train our computers with "AI" (a word we should stop using) that has biases.

That's what I implied on my last sentence. Pattern-oriented tracking.
I don't mind public facial recognition so much if it's very limited in scope, and absolutely not networked.

I once lived in a very secure building. When you walked through the lobby, your face would be scanned and a picture of your face, plus your information (name; apartment number; birthday; messages, laundry, and packages waiting; etc.) was displayed on a screen for the doorman to then let you into the elevators.

To me, this is OK. This was back before everything was networked, and every human being on the planet was sold and tabulated, so the information stayed with the doorman's station. When you became a new resident, the building manager took you to the doorman's station to get scanned, so evidently it wasn't even shared within the building.

The problem is that these days once your face data is somewhere, it's everywhere, for people good and bad to use for things good and bad. There is no control.

(comment deleted)
How ironic, the perpetrators name, Viola, means "to abuse" in spanish, and the guy is from spanish speaking Argentina.
Real-time car locations too. Recent HN thread:

"Ulysses can provide our clients with the ability to remotely geolocate vehicles in nearly every country except for North Korea and Cuba on a near real time basis," the document, written by contractor The Ulysses Group, reads. "Currently, we can access over 15 billion vehicle locations around the world every month," the document adds.

https://news.ycombinator.com/item?id=26492322