Tag: Social media

As I indicated in Part One of these reports on digital privacy, digital tools such as facial recognition are used for many beneficial purposes. However, as I demonstrated, those tools are also extremely easy to abuse, particularly in the hands of governments and the law enforcement community.

One of the films of the blockbuster film series, the Marvel Cinematic Universe, demonstrated the threat in a most capable manner.

Reel life reflecting real life

In “Captain America: The Winter Soldier,” Steve Rogers, the titular super-soldier, finds himself in a race against time to stop a deadly conspiracy that is fueled by abuse of digital surveillance. It’s discovered that the government security agency SHIELD has been infiltrated by a terrorist group known as Hydra. As Hydra scientist Arnim Zola explains, “Hydra was founded on the belief that humanity could not be trusted with its own freedom. What we did not realize is that if you try to take that freedom, they resist. (World War II) taught us much. Humanity needed to surrender its freedom willingly. After the war … the new Hydra grew. For 70 years, Hydra has been secretly feeding crises, reaping war. … Hydra created a world so chaotic that humanity is finally ready to sacrifice its freedom to gain its security.”

Hydra infiltrator Jasper Sitwell explains how digital information is being used to determine the targets for the imminent lethal uprising. “The 21^st century is a digital book. Zola taught Hydra how to read it. Your bank records, medical histories, voting patterns, emails, phone calls, your damn SAT scores. Zola’s algorithm evaluates people’s past to predict their future. … And then the Insight helicarriers [heavily armed aerial transports] scratch people off the list a few million at a time.”

Yeah, that’s a frightening scenario: “Big Brother” writ large. Depending on your age and education, you might wonder what the hit CBS television show has to do with digital privacy. After all, the reality TV show is designed for entertainment. But the phrase “Big Brother” debuted in George Orwell’s 1949 novel “1984,” in which a totalitarian government maintains control through constant electronic surveillance of its citizens. Today, the phrase “Big Brother” is “a synonym for abuse of government power, particularly in respect to civil liberties, often specifically related to mass surveillance.”

And, as I demonstrated in the previous essay, digital information, particularly facial recognition, can easily be misused and abused … as demonstrated by these most recent examples, which were made public after the last essay was published:

• In Michigan, Robert Williams, a Black man, was arrested by Detroit police in his driveway. Police thought Williams was a suspect in a shoplifting case. However, the inciting factor for the arrest was a facial recognition scan, which had incorrectly suggested that Williams was the suspect. And while the charges were later dropped, the damage was done: Williams’ “DNA sample, mugshot, and fingerprints — all of which were taken when he arrived at the detention center — are now on file. His arrest is on the record,” says the American Civil Liberties Union, which has filed a complaint with Detroit police department.
• In May, Harrisburg University announced that two of its professors and a graduate student had “developed automated computer facial recognition software capable of predicting whether someone is likely going to be a criminal. With 80 percent accuracy and with no racial bias, the software can predict if someone is a criminal based solely on a picture of their face.” On June 23, over 1,500 academics condemned the research paper in a public letter. In response, Springer Nature will not be publishing the research, which the academics blasted as having been “based on unsound scientific premises, research, and methods which … have [been] debunked over the years.” The academics also warn that it is not possible to predict criminal activity without racial bias, “because the category of ‘criminality’ itself is racially biased.”

Today, we’ll explore another aspect of digital privacy — namely, how much of a threat your own digital footprint can pose to your security. Because, as has become readily apparent, humanity doesn’t need “to surrender its freedom willingly.” It’s already done it.

I always feel like somebody’s watching me

Not too long ago, my wife and I were relaxing. I was reading a book; she was watching television. She asked me a question about the drug commercial that had just aired, and we laughed while discussing how the “minor” side effects of the drug didn’t sound all that minor. In the midst of our laughter, her phone started talking, telling us all about the drug.

She hadn’t touched the phone, which was sitting beside her on the couch.

I said, “Skynet is real.” She picked up the phone, put it into sleep mode, and set it back down, all without directly looking at it. And then, of course, for the next week or so, her supposed interest in the drug influenced what kind of ads popped up on her phone and laptop.

They say it’s not being paranoid if people really are out to get you. And they are out to get you … or your data, anyway.

The thing is, both of us have voice recognition software on our phones. With it, we can instruct our phones to open a specific app, call a person, search Google for information, and various other tasks.  It just never occurred to us that the phones could listen in without our specifically activating the voice-recognition software.

But we’re not the only ones creeped out by our devices’ antics. A few years ago, users of Amazon’s Alexa reported that the AI assistant would abruptly laugh for no apparent reason. Sometimes, the laughter would come in response to a user query. Other times, the user would be sitting silently when Alexa would suddenly chuckle. The laughter disturbed a lot of Alexa users. One user tweeted, “Lying in bed about to fall asleep when Alexa on my Amazon Echo Dot lets out a very loud and creepy laugh… there’s a good chance I get murdered tonight.”

Admittedly, we know that it’s highly unlikely that our phones, or Alexa, are going to pick up a weapon and come after us. While some say the age of Skynet is inching ever closer, most of us realize that it’s not all that likely that all of our machines are going to rise up and wipe us out … the repeated attempts of GPS notwithstanding. (Ever had your GPS tell you to “Turn right” … while you’re in the middle of a bridge over a very wide and deep river? I have!)

They say it’s not being paranoid if people really are out to get you. And they are out to get you … or your data, anyway. Corporations want your data, which fuels their marketing; social media platforms want your data, which fuels their interconnectivity, as well as the demographic data they can use for targeting their ads; the government wants your data, to fuel their research, voting, and criminal justice databases; and hackers want your data so they can steal your money.

The ACLU breaks down its concerns over privacy and technology into the categories of Internet privacy; cybersecurity; location tracking; privacy at borders and checkpoints; medical and genetic privacy; consumer privacy; and workplace privacy.

Internet privacy

In 2019, the Pew Research Center published the results of a survey in which a majority of Americans admitted their belief that their activities — both online and offline —were being monitored by the government and companies. “Roughly six-in-ten U.S. adults say they do not think it is possible to go through daily life without having data collected about them by companies or the government,” the report warned.

Although the report acknowledges that “data-driven products and services are often marketed with the potential to save users time and money or even lead to better health and well-being,” 81 percent of respondents said that “the potential risks they face because of data collection by companies outweigh the benefits, and 66% say the same about government data collection. At the same time, a majority of Americans report being concerned about the way their data is being used by companies (79%) or the government (64%). Most also feel they have little or no control over how these entities use their personal information.”

There are various aspects of Internet privacy:

• Consumer Online Privacy: One of the concerns that many consumers have is how their data is collected online, and what happens to it afterward. Ever Googled a retail website and then, shortly afterward, ads for that website start popping up in the margins of whatever other website you’re looking at? Your Internet Search Provider likely sold your information, or the website left “cookies” on your computer that allowed it to target you for the ads. Because ISPs are in the perfect position to see everything we do online, Maine regulates how they operate by requiring that they gain permission from users before using their data. Others are using Virtual Private Networks to put barriers between their devices and the ever-watching eyes of the ISPs. Maine is an outlier, though, and VPNs can be inconvenient and costly.
• Social Networking Privacy: When you’re not at work, you would think that what you post on social media is your own private business. But increasingly, employers, school and the federal government are requiring access to our digital lives. U.S. border enforcement agents are demanding that travelers unlock their devices and provide passwords. Schools are utilizing services that allow them to access students’ devices and social media accounts. The concern about overreach has become so widespread that some states have taken steps to prevent employers from researching the habits and postings of job applicants on social media, or trying to require that employees surrender passwords to their accounts.
• Cell Phone Privacy: You know from movies, television shows and the news that your digital devices also act as reliable tracking devices. Indeed, recent events alone have shown that the tech can track stolen devices; allow advocacy and voting rights groups to track the movements of protesters (and communicate with them); and allow companies like Venntel can collect and then sell data from citizen’s phones to government agencies, which can lead to warrantless tracking of their activities.
• Email Privacy: One of the biggest stories in 2016 was the hacking of emails that belonged to the Democratic National Committee and then-presidential candidate Hillary Clinton. Today, concerns remain over just how private our emails really are, creating opportunities for services that give you more control Mozilla is now offering Firefox Relay, which effectively acts as call forwarding in the form of email aliases that are connected to your real account, but doesn’t allow others access to your real account.  Google is also offering new features to make Gmail safer.
• Cybersecurity: As our reliance on our digital devices continues to grow, and the technology that connects those devices continues to improve, it can be argued that we are increasing the opportunities for hackers to exploit that same dependence. As the prevalence of hacker attacks grow, so does the need to protect computers, databases, electronic systems, mobile devices, networks and servers. A recent poll showed that most companies’ electronic security breaches were the result of poorly planned security infrastructure. Yet, even though U.S. business losses in cybersecurity attacks averaged $1.41 million in 2018, with over 68 million sensitive records exposed in 2019, the United States faces a coming shortage of cybersecurity experts. At a time when 5G is fast becoming the go-to resource of connectivity, it needs to be considered that the expansion of 5G could also lead to a massive expansion of internet-connected devices, which will raise the stakes for cybersecurity even higher. One such concern, from Consumer Watchdog, is that “all the top 2020 cars have Internet connections to safety critical systems that leave them vulnerable to fleet wide hacks,” which could lead to “a 9-11 scale catastrophe.”  

Location Tracking

The very nature of a cell phone requires that the device be tracked from tower to tower to maintain the integrity of calls.  Since mobile companies store that location data, the government can obtain a great deal of information about you from your movements. Similarly, the mobile company might sell that information. By triangulating cell towers, your location data can reveal where you live, your doctor’s office, your school, your workplace, your place of worship, your friends’ homes … the list goes on.

Back in 2013, whistleblower Edward Snowden revealed that the National Security Agency was obtaining almost 5 billion records a day from cellphones around the world. This collection effort allowed U.S. intelligence officials to track phones, the phones’ users, and map out the relationships of the phones’ users to other users and their phones. This meant that people around the world, Americans among them, were caught up in the NSA’s web, where that data was stored … all without a warrant.

However, the pace at which technology evolves means that, for every advance that can be used for oppressive purposes, a counter will shortly follow. In September 2019, protesters in Hong Kong were well aware of the fact that Chinese authorities monitored WiFi and the Internet. They turned to Bridgefy, a Bluetooth-based app that does not use the Internet and, as a result, is more difficult for the Chinese authorities to trace.

Privacy at Borders and Checkpoints

People carry a great deal of information —personal and professional — on their phones and other devices. Typically, they take steps to ensure that said information doesn’t fall into the wrong hands.  For example, my phone contains my emails, as well as access to my various social media accounts.  My communications with my clients are accessible via my laptop and my cell phone.  As a result, I keep my devices pass-coded. However, a growing problem is that of government agents attempting to gain access to travelers’ devices without a warrant. An argument can be made that the Constitutional prohibition on unreasonable search and seizure appears to be under assault, as government agents at border crossings demand access to travelers’ devices.

Medical and Genetic Privacy

What would you do if your employer, acting upon a question from your health insurance company, asked you to submit the results of that DNA testing you had performed via Ancestry.com or 23andMe? Right now, your medical and genetic information is protected under the provisions of the 1996 Health Insurance Portability and Accountability Act (signed by President Bill Clinton), the 2008 Genetic Information Nondiscrimination Act (signed by President George W. Bush). Meanwhile, you are protected from being denied health insurance because of pre-existing conditions by the 2010 Affordable Care Act (signed by President Barack Obama). But these laws, intended to protect Americans from predatory health care, may not be as strong as we think they are:

• The ACA, which is more commonly known as “Obamacare,” has been under relentless attack by the Trump administration. Indeed, during the writing of this report, the Trump administration has asked the U.S. Supreme Court to “invalidate” the ACA. If it falls, insurance companies could again deny coverage to those with pre-existing conditions. It should be noted that a 2017 U.S. Department of Health and Human Services analysis estimated that between 61 million and 133 million Americans have a preexisting condition.
• In 2017, a committee in the Republican-controlled House of Representative approved HR 1313, “a bill that would let companies make employees get genetic testing and share that information with their employer — or pay thousands of dollars as a penalty.” The bill died from inaction after Democrats won the House in the 2018 midterm elections.
• In 2018, police in California identified a serial killer by matching his DNA with DNA from members of his family who had signed up for a genealogy website called GEDmatch. Since then, questions have been raised about the accessibility of such data to law enforcement agencies.
• Consumer genetics testing companies frequently sell your data, often to pharmaceutical companies. This is a modern spin on the case of Henrietta Lacks, a poor Black woman who was treated for cervical cancer in 1951. Researchers discovered that her cells were incredibly resilient, and where other cancer patients’ cell samples would die, Lacks’ cells would continue to live and thrive. Without Lacks’ permission, researchers used her cells to conduct research into “the effects of toxins, drugs, hormones and viruses on the growth of cancer cells without experimenting on humans. They have been used to test the effects of radiation and poisons, to study the human genome, to learn more about how viruses work, and played a crucial role in the development of the polio vaccine.” Although the discovery was a boon to the worlds of science and medicine, the fact remains that Lacks’ medical and genetic information was used without her permission in what is now an industry worth more than $1 billion annually, as of 2019.
• The GINA law bans employers and health care companies from using genetic data to deny you coverage or employment. However, “companies with fewer than 15 people are exempt from this rule, as are life insurance, disability insurance, and long-term care insurance companies — all of which can request genetic testing as part of their application process.”
• What happens if companies make your medical or genetic information part of the interview process? Granted, some state and federal laws protect against genetic discrimination, but those laws do not cover everything.

Consumer Privacy

I mentioned earlier that companies want your data for their marketing. Indeed, it’s been shown that Facebook, for example, looks at its customers as less like people and more like products to be sold to advertisers. A Vermont law forced some transparency on companies that sell our information, but very little is actually known about who has access to our information, and what happens to it after it is sold. California has taken steps to address that lack of knowledge, but it is too early to see what kind of impact the law is having.

…take a closer look at the various apps you keep on your devices. How much access do those apps have to your private information? For example, do you really need to grant “Candy Crush” access to your microphone, camera, and location?

Workplace Privacy

When you’re at work, you likely don’t expect to have privacy. A 2018 study showed that 50 percent of companies monitor their workers’ emails and social media accounts, “along with who they met with and how they utilized their workspaces.” Fast forward a year, and 62 percent of companies were “leveraging new tools to collect data on their employees.” And even in the current work-from-home reality of COVID-19, employers are still keeping an eye on their workers. For example, random screenshots of your workers’ screens will tell you what they’re actually doing. Indeed, “monitoring software can track keystrokes, email, file transfers, applications used and how much time the employee spends on each task.” Also, if you ever use your personal phone for business purposes? You could be risking all of your personal data should your employment be terminated.

A hopeless situation?

Earlier, I mentioned a 2019 Pew Research Center study showing that “roughly six-in-ten U.S. adults” believed they were being monitored by the government and companies., and that they “do not think it is possible to go through daily life without having data collected about them by companies or the government.” The report also noted that most Americans feel “they have little or no control over how these entities use their personal information.”

With that information as a backdrop, it is important to realize that what may seem like a hopeless situation actually is an opportunity. Granted, U.S. laws on privacy have fallen behind the pace of technology, and it has been shown that those in charge of regulating technology and social media platforms often do not understand the very technologies they’ve been charged with monitoring. As a 2018 Brookings Institution paper warns:

“This is where we are with data privacy in America today. More and more data about each of us is being generated faster and faster from more and more devices, and we can’t keep up. It’s a losing game both for individuals and for our legal system. If we don’t change the rules of the game soon, it will turn into a losing game for our economy and society.”

Indeed, news reports seem to bear this out. From the Snowden revelations in 2013, to the 2017 Equifax breaches that exposed the data of nearly 146 million Americans, to the 2018 Cambridge Analytica scandal and beyond, more and more attention is being paid to the subject of data privacy. But that just means that we’re more aware. What can we actually do about it?

Recommendations

First of all, I strongly recommend that you make use of the one aspect of your digital data that you do control —namely, your device privacy settings.  Some of the data sharing our devices perform is within our ability to control. However, it is important to remember than many aspects of it are not.

Second, take the time to actually read the privacy policies of the digital devices and online services that you use. As the Brookings Institution has noted, perhaps the concept of “informed consent was practical two decades ago, but it is a fantasy today. In a constant stream of online interactions, especially on the small screens that now account for the majority of usage, it is unrealistic to read through privacy policies. And people simply don’t.” The fact that so many people don’t bother to read those polices effectively makes them complicit when their own data is used against them.

Third, take a closer look at the various apps you keep on your devices. How much access do those apps have to your private information? For example, do you really need to grant “Candy Crush” access to your microphone, camera, and location?

And then, of course, are the ideas that you could demand from digital service companies.

Pitch these ideas to lawmakers, activists, and journalists to force companies to discuss them:

• Demand that companies establish easier ways to manage your devices’ privacy settings
• Demand that companies be transparent over how they store, and if they share, your information.
• Demand “real name” requirements for social media, in which the accounts can only be opened with a photocopy of a government-issued ID card. Admittedly, there would be a loss of privacy here, but it would lead to a decrease in the frequent “mob” mentality we see online, and an increase in the accountability of account users for their content.
• Companies should have a standardized form governing whether to grant permission to companies to sell or share their personal data.
• Question lawmakers to ensure that they understand the technologies they’re attempting to regulate.
• Demand that, if someone is cleared of criminal charges, any biometric data that was gathered as a result of the arrest be deleted within 30 days.
• Require that greater scrutiny be given to digital applications coming from foreign countries that have a history of intellectual property theft.
• Demand that lawmakers reveal if they have any financial ties to technology companies
• Require technology companies to create more secure privacy settings for minors using social media.

Admittedly, some of the above suggestions may be long shots, particularly given how much money technology companies and their lobbyists have at their disposal. This would seem an impossible task, taking back control of our digital data.

However, to put it into a historical context: Women’s right to vote, the end of slavery, and same-sex marriage were once considered impossible tasks, too.

About the author

Melvin Bankhead III is the founder of MB Ink Media Relations, a boutique public relations firm based in Buffalo, New York. An experienced journalist, he is a former syndicated columnist for Cox Media Group, and a former editor at The Buffalo News.

Note from MTN Consulting

MTN Consulting is an industry analysis and research firm, not a company that typically comments on politics. We remain focused on companies who build and operate networks, and the vendors who supply them. That isn’t changing. However, we are going to dig into some of the technology issues related to these networks and networking platforms which are having (or will have) negative societal effects.

–

Image credit: iStock, by Getty Images

There’s been a lot of talk in recent weeks regarding facial recognition technology. Much of the conversation has centered on privacy concerns. Other aspects concern the technical flaws in the software, which impacts the technology’s accuracy. Still others center on the demonstrated gender and racial biases of such systems, and the potential of governments and police forces using facial recognition to weaponize racial bias.

Indeed, the media has been following the conversations. Reports have dealt with China’s current use of facial recognition in its crackdown on a minority group; the questionable accuracy of the technology itself, particularly when involving people of color; and, of course, the intersection of privacy, law enforcement and racial bias when U.S. agencies and local police forces use facial recognition technologies.

A few other examples:

• Concern that PimEyes, which identifies itself as a tool to help prevent the abuse of people’s private images, could instead “enable state surveillance, commercial monitoring and even stalking on a scale previously unimaginable.”
• Concern that use of Clearview AI’s facial recognition system could easily be abused, as the app’s database was assembled by “scraping” pictures from social media, enabling the company to access your name, address and other details — all without your permission. The app, although not available to the public, is being “used by hundreds of law enforcement agencies in the U.S, including the FBI.” In May, Clearview AI announced that it would cease selling its software to private companies.
• In response to the mask-related laws connected to the spread of COVID-19, tech companies have been attempting to update their facial recognition software so that it still works even when the subject of the scan is wearing a face mask.
• Business Insider, Wired, U.S. News & World Reports, Popular Mechanics, the Guardian, and the Washington Post have all published reports on ways to defeat facial recognition systems.
• IBM’s announcement, in a letter to Congress, that “IBM no longer offers general purpose IBM facial recognition or analysis software. IBM firmly opposes and will not condone uses of any technology, including facial recognition technology offered by other vendors, for mass surveillance, racial profiling, violations of basic human rights and freedoms, or any purpose which is not consistent with our values and Principles of Trust and Transparency. We believe now is the time to begin a national dialogue on whether and how facial recognition technology should be employed by domestic law enforcement agencies.”
• Amazon’s announcement that they are “implementing a one-year moratorium on police use of Amazon’s facial recognition technology. We will continue to allow organizations like Thorn, the International Center for Missing and Exploited Children, and Marinus Analytics to use Amazon Rekognition to help rescue human trafficking victims and reunite missing children with their families.”
• Microsoft CEO Brad Smith confirmed that the company “will not sell facial-recognition technology to police departments in the United States until we have a national law in place, grounded in human rights, that will govern this technology.”
• Other tech companies — NEC and Clearview AI among them — restated their commitment to providing facial recognition technology to police departments and governmental agencies.

So, yes, people are talking about facial recognition technology. And as the conversation grows, more people and corporations joining the conversation. MTN Consulting, like Amazon, IBM and Microsoft, and others, is expressing alarm at how the technology is used and, in a growing number of instances, abused.

Oddly, many people don’t know a great deal about the technology, such as how it works, how accurate it is, or how much of a threat it poses.

Let’s explore:

What is facial recognition?

According to the Electronic Frontier Foundation, facial recognition “is a method of identifying or verifying the identity of an individual using their face. Facial recognition systems can be used to identify people in photos, video, or in real-time. Law enforcement may also use mobile devices to identify people during police stops.”

How does it work?

According to Norton, a picture of your face is saved from a video or photograph. The software then looks at the way your face is constructed. In other words, it “reads the geometry of your face. Key factors include the distance between your eyes and the distance from forehead to chin. The software identifies facial landmarks — one system identifies 68 of them — that are key to distinguishing your face. The result: your facial signature.”

Next, your facial signature, “is compared to a database of known faces. And consider this: at least 117 million Americans have images of their faces in one or more police databases. According to a May 2018 report, the FBI has had access to 412 million facial images for searches.”

Finally, the system determines whether your face matches any of the other stored images.

How is it used?

Facial recognition has many uses. For example, the 2002 film “Minority Report” imagined the potential outcomes of the technology. In the film, when the main character, played by Tom Cruise, enters a mall, he is inundated by personalized greetings and advertising, all holographic, and all keyed to his facial scan – particularly, his eyes. Later, he enters the subway system, and facial recognition is again used, this time in lieu of immediate payment or carrying identification.

“Minority Report,” in its own way, was prescient in its prediction that facial recognition software would be everywhere, although it primarily addressed the commercial applications. In real life, however, the technology is used by both corporations and governments. A few examples:

• The Moscow Times recently reported that Russia plans to equip more than 43,000 Russian schools with facial recognition. The 2 billion ruble ($25.4 million) project, named “Orwell,” will “ensure children’s safety by monitoring their movements and identifying outsiders on the premises, said Yevgeny Lapshev, a spokesman for Elvees Neotech, a subsidiary of the state-controlled technology company Rusnano. According to Vedomosti, a Russian-language business daily, “Orwell” has already been in more than 1,608 schools.
• Mobile phones are sold with facial recognition software that is used to unlock the phone, replacing the need for a password or PIN. Many companies – including Apple, Guangdong OPPO, Huawei, LG, Motorola, OnePlus and Samsung — offer phones with this technology.
• As for laptops, Apple is lagging behind other manufacturers at the moment. The company recently announced that it is planning to add facial recognition software to its MacBook Pro laptop and iMac screen lines. Meanwhile, Acer, Asus, Dell, HP, Lenovo, and Microsoft. have offered the technology in its laptops for years.

There are, of course, many other ways in which the technology is used:

• The U.S. government uses it at airports to monitor passengers.
• Some colleges use it to monitor classrooms, as it can be used for security purposes, as well as something simpler like taking roll.
• Facebook uses it to identify faces when photos are uploaded to its platform, so as to offer members the opportunity to “tag” people in the photos.
• Some companies have eschewed security badges and identification cards in favor of facial recognition systems.
• Some churches use it to monitor who attends services and events.
• Retailers use surveillance cameras and facial recognition to identify regular shoppers and potential shoplifters. (“Minority Report,” anyone?)
• Some airline companies scan your face while your ticket is being scanned at the departure gate.
• Marketers and advertisers use it at events such as concerts. It allows them to target consumers by gender, age, and ethnicity.

 So, what’s the concern?

Well, there are three main concerns, mainly in the areas of privacy, accuracy, and governmental abuse. There is, however, a strong thread of racism that is integral to all three concerns.

Privacy

Although using a facial scan to gain access to your phone is more secure than, say, a short password, it isn’t perfect. There are some concerns about how and where the data is stored.

Admittedly, many people use facial recognition systems for fun. Specialized apps designed for, or that offer, the technology include B612, Cupace 4.8, Face App 4.2, Face Swap (by Microsoft), and Snapchat. The apps permit you to scan your face, and swap it with, say, that of a friend or film star.

The easy accessibility of such apps is a boon for those who would use them. However, the very popularity of the apps give rise to certain questions. For example, if the company stores the facial images in the cloud, how good is the security? How accessible is the data to third parties? Does the company ever sell that data to other companies? A simple leak of data, or a more aggressive hacking of the database, could result in many peoples’ data being compromised.

Another privacy aspect involves monitoring people without their knowledge or consent. People going about their daily business don’t typically expect to be monitored … but there are exceptions, depending on where you live.  Last year, China was accused of human rights abuses in Xinjiang, a province populated by hundreds of thousands of the mostly Muslim ethnic group known as Uighurs. The New York Times reported on how the government used facial recognition systems to identify Uighurs, who were then seized and imprisoned in clandestine camps. Millions of others are monitored daily to track their activities.

In the U.S., reports circulated that some police departments were using technology developed by Clearview AI. The startup had scraped billions of photos from social media accounts in order to assemble a massive database that law enforcement officials could access – all without people’s consent. In other words, any photos that you’ve posted on SnapChat, Twitter, Facebook, Instagram, or other social media platform, could be part of the database without your knowledge. The only way you would find out is if the police connect your face to a crime and come knocking on your door.

Indeed, Clearview AI has raised the ire of the American Civil Liberties Union, the European Data Protection Board, members of the U.S. Senate, as well as provincial and federal watchdogs in Canada.

Admittedly, some will argue that, although the collection of the data is likely an invasion of people’s privacy, the data itself is useful to assist law enforcement. Granted, that interpretation is subjective, but relevant to the argument at hand. However, it also assumes two things: that people being surveilled by the police are suspects; and that the technology is accurate.

In both cases, however, the reverse is often true. And because of that, innocent people can be surveilled without their knowledge or consent; the wrong people can end up arrested, tried and convicted for crimes they didn’t commit; and racial bias can be weaponized. More on that latter point in a bit.

Accuracy

In December 2019, researchers at Kneron decided to put facial recognition to the test. Using images of other people —in the form of 2-D photos, images stored on cell phones, and 3-D printed masks — they managed to penetrate security at various locations. Although most sites weren’t fooled by the 2-D image or video copies, the 3-D mask sailed through most of the scans, including at a high-speed rail station in China and point-of-sales terminals. Worse, the team was able to pass through a self-check-in terminal at the Schiphol Airport, one of Europe’s three busiest airports, with a picture saved on a cell phone. They were also able to unlock at least one popular cell phone model.

So, we know that the face-matching aspect of facial recognition can be fooled. Granted, one might argue that using a 3-D printer isn’t that common an occurrence. However, given that the worldwide sales of 3-D printers generated $11.58 billion USD in 2019; that 1.42 million units were sold in 2018; and that annual global sales are expected to hit 8.04 million units by 2027, it can be safely assumed that 3-D masks pose a risk to facial recognition systems.

Still, obvious attempts to beat the system notwithstanding, there’s an even deeper concern regarding facial recognition — the face-matching aspect of the software isn’t always that accurate, and it has shown a demonstrated bias against women and people of color:

• In 2018, the ACLU used Amazon’s facial recognition tech to scan the faces of members of Congress. Amazon’s “Rekognition” tool “incorrectly matched 28 members of Congress, identifying them as other people who have been arrested for a crime. The members of Congress who were falsely matched with the mugshot database we used in the test include Republicans and Democrats, men and women, and legislators of all ages, from all across the country.”
• The FBI admitted in October 2019 that its facial recognition database “may not be sufficiently reliable to accurately locate other photos of the same identity, resulting in an increased percentage of misidentifications.”
• In the United Kingdom, police departments use facial recognition systems that generate results with an error rate as high as 98 percent. In other words, for every 100 people identified as suspects, 98 of them were not, in fact, actual suspects.
• In June 2019, a problem with a Chinese company’s facial recognition system went viral after one employee’s facial scan, used to clock into and out of work, “kept matching (the) employee’s face to his colleagues, both male and female. People started joking that the man must have one of those faces that looks way too common.”
• Back in January, Robert Williams, a Black man, was arrested by Detroit police in his driveway. He then spent over 24 hours in a “crowded and filthy cell,” according to his attorneys. Police thought Williams was a suspect in a shoplifting case. However, the inciting factor for the arrest was a facial recognition scan, which had incorrectly suggested that Williams was the suspect. And while the charges were later dropped, the damage was done: Williams’ “DNA sample, mugshot, and fingerprints — all of which were taken when he arrived at the detention center — are now on file. His arrest is on the record,” says the American Civil Liberties Union, which has filed a complaint with Detroit police department. “Study after study has confirmed that face recognition technology is flawed and biased, with significantly higher error rates when used against people of color and women. And we have long warned that one false match can lead to an interrogation, arrest, and, especially for Black men like Robert, even a deadly police encounter. Given the technology’s flaws, and how widely it is being used by law enforcement today, Robert likely isn’t the first person to be wrongfully arrested because of this technology. He’s just the first person we’re learning about,” the ACLU warns.
• In May, Harrisburg University announced that two of its professors and a graduate student had “developed automated computer facial recognition software capable of predicting whether someone is likely going to be a criminal. With 80 percent accuracy and with no racial bias, the software can predict if someone is a criminal based solely on a picture of their face.” On June 23, over 1,500 academics condemned the research paper in a public letter. In response, Springer Nature will not be publishing the research, which the academics blasted as having been “based on unsound scientific premises, research, and methods which … have [been] debunked over the years.” The academics also warn that it is not possible to predict criminal activity without racial bias, “because the category of ‘criminality’ itself is racially biased.”

As I indicated earlier, aspects of racism exist with the argument surrounding facial recognition. It’s not just that the technology can be used in a discriminatory manner (more on that later). It is also because the scan results themselves can show bias against women and people of color.

“If you’re black, you’re more likely to be subjected to this technology and the technology is more likely to be wrong. That’s a hell of a combination.”

-Congressman Elijah Cummings, March 2017.

In 2012, a joint university study that was co-authored by the FBI showed that the accuracy of facial recognition scans was lower for African Americans than for other demographics. The software also misidentifies “other ethnic minorities, young people, and women at higher rates.” The fact that more recent studies, including some as recent as last year, show these same problems indicates that the bias is known, and yet is still not being addressed.

Another joint university study, this one published in 2019, found that the facial recognition software used by Amazon, IBM, Kairos, Megvii, and Microsoft were significantly less accurate when identifying women and people of color. Among their findings were that Kairos and Amazon’s software performed better on male faces than female faces; that their software performed much better on light-skinned faces than on darker faces; that they perform the worst on dark-skinned women, with Kairos showing an error rate of 22.5 percent, and Amazon showing an error rate of 31.4 percent; and that neither company showed an error rate for lighter-skinned men.

In December 2019, a National Institute of Standards and Technology study demonstrated the results of testing 189 facial recognition from 99 companies. The study found that the majority of the software had some form of bias. Indeed, among the broad findings:

• One-to-one matching revealed higher error rates for “Asian and African American faces relative to images of Caucasians. The differentials often ranged from a factor of 10 to 100 times, depending on the individual algorithm.”
• Among U.S.-made software, “there were similar high rates of false positives in one-to-one matching for Asians, African Americans and native groups (which include Native American, American Indian, Alaskan Indian and Pacific Islanders). The American Indian demographic had the highest rates of false positives.”
• For software made in Asian countries doing one-to-one matching, there was no dramatic difference in false positives for Asian and Caucasian faces.
• “For one-to-many matching, the team saw higher rates of false positives for African American females. Differentials in false positives in one-to-many matching are particularly important because the consequences could include false accusations.”

As we discussed earlier, three of America’s top technology companies recently announced that they would temporarily halt, or end altogether, the sale of facial recognition technology to police departments. The announcement by Amazon, IBM and Microsoft surprised police departments, market analysts and journalists for a specific reason: those particular companies had previously shown no real interest in what advocates for racial justice and civil rights had to say.

Although such advocates have complained for years about the threat posed to their communities by mass surveillance, and corporate complicity in that surveillance, it wasn’t until nationwide protests against police brutality and systemic racism that America’s top tech companies began to listen. As we’ve already determined, facial recognition is not all that accurate when dealing with people who are not White men. Even low error rates can result in mistaken arrests. And, as there is a demonstrated police bias against people of color, as shown in arrest rates, the idea of such technology being abused when used against “suspects” of color is not so unbelievable.

In a March 2017 hearing of the U.S. House of Representatives’ oversight committee, ranking member Elijah Cummings warned against law enforcement’s use of facial recognition software. “If you’re black, you’re more likely to be subjected to this technology and the technology is more likely to be wrong,” Cummings said. “That’s a hell of a combination.”

So, we know that the technology isn’t foolproof, that it discriminates against women and people of color, and that it being increasingly used by governmental agencies and police departments.

What can this lead to?

Remember the earlier observation about China?

Governmental Abuses

Last year, PBS went undercover into China’s Xinjiang province to investigate accusations of mass surveillance and detentions of Uighurs, a mostly Muslim ethnic group.  As the New York Times reported, hundreds of thousands of Uighurs were then seized and imprisoned in clandestine camps, while millions of others are monitored daily to track their activities.

In January, Amnesty International warned that, “In the hands of Russia’s already very abusive authorities, and in the total absence of transparency and accountability for such systems, the facial recognition technology is a tool which is likely to take reprisals against peaceful protest to an entirely new level.”  The warning came as a Moscow court took on a case by a civil rights activist and a politician who argued that Russia’s surveillance of public protests was a violation of their right to peacefully assemble.

And, of course, we have the United States, where governmental agencies and police departments use demonstrably racially biased facial recognition software.

As the ACLU reported after Amazon, IBM and Microsoft halted or ended the sale of facial recognition technology to law enforcement agencies, “racial justice and civil rights advocates had been warning (for years) that this technology in law enforcement hands would be the end of privacy as we know it. It would supercharge police abuses, and it would be used to harm and target Black and Brown communities in particular.”

The ACLU warned that facial technology “surveillance is the most dangerous of the many new technologies available to law enforcement. And while face surveillance is a danger to all people, no matter the color of their skin, the technology is a particularly serious threat to Black people in at least three fundamental ways”:

• The technology itself is racially biased (see above).
• Police departments use databases of mugshots, which “recycles racial bias from the past, supercharging that bias with 21st century surveillance technology. … Since Black people are more likely to be arrested than white people for minor crimes like cannabis possession, their faces and personal data are more likely to be in mugshot databases. Therefore, the use of facial recognition technology tied into mugshot databases exacerbates racism in a criminal legal system that already disproportionately polices and criminalizes Black people.”
• Even if the algorithms were equally accurate across race (again, see above), “government use of face surveillance technology will still be racist (because) … Black people face overwhelming disparities at every single stage of the criminal punishment system, from street-level surveillance and profiling all the way through to sentencing and conditions of confinement.”

And, indeed, fresh concerns about law enforcement’s use of facial recognition technologies have surfaced as the Black Lives Matter protests gain steam in the wake of George Floyd’s May 25^th death, while unarmed, under the knee of a White police officer. The protests, which consist of American citizens exercising their First Amendment rights, have been met by heavily armored police, aerial surveillance by drones, fake cellular towers designed to capture the stored data on protesters’ phones, covert government surveillance, and threats from President Donald J. Trump.

Of course, it would be wrong to say that all police officers, all governmental officials, are racist. It would be ludicrous, however, to say that the various systems that make up the infrastructure of the United States do not have a strong foundation that is racist in origin – particularly when it comes to law enforcement.

As the ACLU warned, “(the) White supremacist, anti-Black history of surveillance and tracking in the United States persists into the present. It merely manifests differently, justified by the government using different excuses. Today, those excuses generally fall into two categories: spying that targets political speech, too often conflated with ‘terrorism,’ and spying that targets people suspected of drug or gang involvement.” One currently relevant example is the FBI surveillance program that targets what the federal government considers to be “Black Identity Extremists” — the FBI’s way of justifying surveillance of Black Lives Matter activists, much as it kept a close watch on the Rev. Dr. Martin Luther King Jr. during the civil rights protests of the 1960s.

That some of America’s technology companies have decided, at least for now, to no longer be complicit in exacerbating racist policies is something to be applauded. However, it remains to be seen how long these changes will last, who will follow their lead … and whether any important lessons will be learned.

Time will tell.

About the author

Melvin Bankhead III is the founder of MB Ink Media Relations, a boutique public relations firm based in Buffalo, New York. An experienced journalist, he is a former syndicated columnist for Cox Media Group, and a former editor at The Buffalo News.

Note from MTN Consulting

MTN Consulting is an industry analysis and research firm, not a company that typically comments on politics. We remain focused on companies who build and operate networks, and the vendors who supply them. That isn’t changing. However, we are going to dig into some of the technology issues related to these networks and networking platforms which are having (or will have) negative societal effects.

Image credit: iStock, by Getty Images