In one of Shakespeare’s most famous scenes from Romeo & Juliet, Juliet says to Romeo:
O, be some other name!
What’s in a name? that which we call a rose
By any other name would smell as sweet;
Her lament is over Romeo’s identity as a member of the Montague family, feuding rivals of Juliet’s Capulets. Their public identities are an obstacle to their love, and to Juliet’s mind, he is more than their families’ history. If he could shed his unfortunate name, all would be resolved. (It’s interesting to note that when Romeo and Juliet first meet at the Capulet party, Romeo is masked. With his identity protected, he is most free.)
We now live in an era where we might well ask “What’s in a face?” In a twist on Juliet’s speech, names may well be made obsolete, but not in the way she desired. As powerful facial recognition technology becomes commonplace, our identities and the information gathered about us have become inextricably and passively linked to our faces.
This lead us to ask who owns your face? What are the commercial and societal benefits of facial recognition? How can we control our privacy when we may not even be aware when our face and therefore our identity is being tracked?
A Biometric Boon or Bane?
Facial recognition systems are a form of biometric identifier. They “recognize” a person from a digital image, relying on distinguishing landmarks and features called “nodal points.” Nodal points include details such as the width of the nose, depth of eye sockets, shape of cheekbones, and other markers.
Proponents of facial recognition point towards enhanced security and fraud prevention as useful applications. Facial recognition might be used to boost airport security. But it could also be used by high-end retail to spot VIPs without their knowledge and researchers point out that there are potential flaws, especially with police facial recognition technology.
Facial recognition surveillance might deliver on its promises of more secure airports, but experts believe privacy protections lag too far behind. Jeramie D. Scott writes in an in-depth opinion piece for The Hill:
“We need to implement regulations for the use of biometrics, particularly facial recognition and similar biometrics that can be done remotely, without the subject’s knowledge, and on a mass scale. Biometrics like face recognition can easily be used for mass, indiscriminate surveillance of the public. Given the risks posed by biometric surveillance, it should not be after the implementation of a vast biometric surveillance infrastructure that we decide the policies of its use.”
Privacy advocates voice similar concerns. The Electronic Frontier Foundation (EFF) maintains an ongoing watch over biometric-related privacy and freedom issues, including more than just facial recognition technology.
Eyeballing Best Practices
So who’s watching the cameras while the cameras watch us? The landscape surrounding biometrics and facial recognition in particular is a patchwork of emerging laws, guidelines, and recommendations.
Few states regulate commercial use of the technology, while the FTC’s recommendations from 2012 urge businesses to take a user-centric, “Privacy by Design” approach. The National Telecommunications & Information Administration provides documentation of their best-practices recommendations based on Fair Information Practice Principles (PDF link). Broadly speaking, this includes transparency regarding the technology in use, good data management practices, use limitation, security safeguards and data quality, and clear pathways consumers can use to resolve problems.
The ACLU strongly objects to the use of facial recognition technology, especially in the context of the U.S. Customs and Border Protection’s “Traveler Verification Service” (TVS). To the ACLU’s eye, facial recognition biometrics are the most dangerous form of verification for a number of reasons, including the “greater potential for expansion and misuse.”
Jay Stanley, Senior Policy Analyst for the ACLU Speech, Privacy, and Technology Project says: “you can subject thousands of people an hour to face recognition when they’re walking down the sidewalk without their knowledge, let alone permission or participation. You can’t do that with fingerprints. Face recognition databases could be plugged in to every surveillance camera in America, creating a giant infrastructure for government tracking and control.”
Not only is it massive and passive, it “normalizes face recognition as a checkpoint technology,” “will inevitably be subject to mission creep,” “has a major reliability problem,” and is “fundamentally unnecessary and wastes taxpayer money.”
The U.S. is not the only country where facial recognition is raising concerns. Germany recently deployed facial recognition cameras at a major Berlin railway station.
Governments are not alone in their effort to normalize and protect access to the use of facial recognition biometrics. As reported by April Glaser for Slate, Facebook has engaged in aggressive lobbying and legal battles to defend facial recognition programs.
Facing the Facts
If we want to make informed decisions about facial recognition technology and how it may best serve society, we need to recognize the privacy paradox. Research shows that despite what we say about privacy, how we behave is often markedly different. We need to examine our values and then align our actions to support our position on privacy.
There are some actions you can take if you’re concerned about facial recognition:
· Raise your awareness of facial recognition and privacy/security issues. (This might include keeping up with EFF and ACLU articles, like the ones referenced above.)
· Be choosy about faces you post to social media. Given that Facebook has highly advanced recognition software, consider whether or not the benefits of sharing a personal photo outweigh the biometric data you’re giving away.
·Look for disclosure. Terms of Service and Privacy Statements should provide you with an idea of the facial recognition technology in play and may even provide you with a way to opt-out.
· Keep up with privacy tools to protect your information. Look for privacy enhancing technologies. Some, like D-ID, offer ways to thwart facial recognition algorithms. You can be sure others in the space will follow suit as demand grows for privacy protection.
Romeo and Juliet may have been Shakespeare’s great romantic tragedy, but your relationship with facial recognition technology doesn’t have to be. Remember what’s in a face.