Your “face print”: facial recognition technology, law enforcement and you

The issue of citizens filming police, particularly in instances of misconduct, has been increasingly before the public eye for the past two years. Cases such as founder Adam ‘Ademo’ Mueller, whose trial for “wiretapping” (read: filming a cop and posting the recordings online) began this past week in New Hampshire, seem all-too-chillingly-common lately.

But the reverse case, when police and law enforcement are the ones capturing the photo and video, also has many privacy advocates concerned. All the more concerning is the pairing of surveillance photography and videotaping with face-recognition technology, where many privacy advocates suggest that the law has not caught up with the tech capabilities of law enforcement or private corporations.

On July 18, Senator Al Franken headed a Senate Judiciary Committee hearing on “What Facial Recognition Technology Means for Privacy and Civil Liberties.” In attendance were legal experts on technology, privacy and law enforcement, as well as some private industry representatives such as Facebook’s privacy chief, Rob Sherman.

To be clear, we’re talking about technology that is able to identify and tag photos on an individual level based on biometric characteristics such as nose bridge width and distance between eyes. This is known as developing an individually-identifiable “face print” akin to finger prints or other individual markers.

Jennifer Lynch, attorney with the Electronic Frontier Foundation, offered enlightening testimony before the hearing. Lynch illuminated the extent of facial recognition technology already in use:

Although the collection of biometrics—including face recognition-ready photographs—seems like science fiction; it is already a well-established part of our lives in the United States. The Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) each have the largest biometrics databases in the world, and both agencies are working to add extensive facial recognition capabilities. The FBI has partnered with several states to collect face recognition-ready photographs of all suspects arrested and booked, and, in December 2011, DHS signed a $71 million dollar contract with Accenture to incorporate facial recognition and allow real-time biometrics sharing with the Department of Justice (DOJ) and Department of Defense (DOD). State and local lawenforcement agencies are also adopting and expanding their own biometrics databases to incorporate face recognition, and are using handheld mobile devices to allow biometrics collection in “the field.”

Lynch emphasizes that private industry has equalled if not exceeded law enforcement in deploying face recognition tech:

The scope of government-driven biometrics data collection is well-matched by privatesector collection. Facebook, which uses face recognition by default to scan all photos uploaded to its site, states that its users uploaded more than 300 million photos every day in the three months ending on March 31, 2012. And, which developed Facebook’s face recognition tools and was recently acquired by the company, stated in March that it had indexed 31 billion face images. Other companies, from large technology companies like Google and Apple to small smartphone app providers, also provide face recognition products to their customers, and private companies are using biometric identification for everything from preventing unauthorized access to computers and corporate facilities to preventing unauthorized access to the gym.

Lynch sees stark privacy issues inherent in such widespread face recognition technology:

Biometrics in general are immutable, readily accessible, individuating and can be highly prejudicial. Face recognition, though, takes the risks inherent in other biometrics to a new level because Americans cannot take precautions to prevent the collection of their image.

Face recognition allows for covert, remote and mass capture and identification of images—and the photos that may end up in a database include not just a person’s face but also how she is dressed and possibly whom she is with. This creates threats to free association and free expression not evident in other biometrics.

Given this vast potential for misuse and overcollection, Lynch echoes other privacy advocates in calling for privacy legislation to head off abuses. While invoking wiretap laws may cause many to bristle given their misuse of late, we must recall the original purpose of wiretapping and recording statutes were to protect the public.

The Electronic Privacy Information Center, which has also lobbied Congress extensively around privacy and facial recognition, joins EFF in calling for privacy legislation. In testimony submitted to the Federal Trade Commission, EPIC suggested a moratorium on facial recognition technology by the private sector until appropriate safeguards can be put in place. Given the proliferating use of these technologies and the vast potential for oversharing of personally identifiable data and biometrics for all manner of shady purposes, this seems not only appropriate but critical to protecting citizens’ privacy and dignity.

About David Matson