tymshft

There is nothing new under the sun…turn, turn, turn

Archive for the tag “biometrics”

I was writing about “perpetual lineup” in 2014 – sort of

[DISCLAIMER: I am employed in the biometric industry. The views expressed in this post are my own, and are not necessarily the views of any present or previous employer, or of any organization with which I am presently or previously associated.]

For those who completely skipped over the disclaimer because they’re boring, I am employed in the biometric industry, and have been so employed for over two decades. There have been a number of changes in this industry over the years, both from a procedural standpoint (witness the varied effects of the 2009 NAS report) and a technological standpoint.

One of the more recent contributions to the discussion is a report from Georgetown Law’s Center on Privacy & Technology. Obviously the report has its own hashtag – #perpetuallineup to be precise.

It should be noted that the report is not a 100% complete slam on facial recognition technology itself.

The benefits of face recognition are real. It has been used to catch violent criminals and fugitives. The law enforcement officers who use the technology are men and women of good faith. They do not want to invade our privacy or create a police state. They are simply using every tool available to protect the people that they are sworn to serve. Police use of face recognition is inevitable. This report does not aim to stop it.

Rather, this report offers a framework to reason through the very real risks that face recognition creates.

Among other topics, the report touches upon privacy issues. For example:

If deployed pervasively on surveillance video or police-worn body cameras, real-time face recognition will redefine the nature of public spaces. At the moment, it is also inaccurate. Communities should carefully weigh whether to allow real-time face recognition. If they do, it should be used as a last resort to intervene in only life-threatening emergencies. Orders allowing it should require probable cause, specify where continuous scanning will occur, and cap the length of time it may be used.

Because, of course, the public is demanding that the police NOT implement body-worn cameras, or use them pervasively.

Whoops, I seem to have run across another article.

Police Chief Shelley Zimmerman is right that public safety could have been at risk had the officers paused to turn on their body cameras; Tuesday’s incident unfolded rapidly. But we wonder about the wisdom of her suggestion that there could be a technological fix in which body cameras automatically turn on when an officer pulls his or her gun. Police conduct isn’t only an issue when officers shoot people. When a patrol officer is on duty, his or her body camera should be on by default. If this means SDPD has to buy more expensive batteries that last longer, so be it.

So on the one hand, you have people declaring that body cameras are wonderful things that should always be turned on, and on the other hand you have people declaring the body cameras infringe on civil liberties and should only be turned on in certain circumstances.

I’ve been thinking about this contradiction for years. In fact, I wrote about it in this very blog in December 2014.

However, [Sterling] Crispin’s project doesn’t really touch on a basic conflict in our thinking about surveillance.

In a reactive manner, Michael Brown’s death in Ferguson, Missouri has resulted in many calls for police to always wear video recording equipment, so that all encounters between police and civilians are recorded….Many are elated at the fact that the actions of Tamerlan and Dzhokhar Tsarnaev were captured by a number of cameras in Boston, Massachusetts.

At the same time, some of the same people who are demanding that the police record things are also demanding that the police NOT record things. Crispin is disturbed by the fact that the FBI’s Next Generation Identification system can possibly be used on civilians. Many are disturbed by all of those video cameras out there – stationary ones installed by governments and private businesses, and mobile ones on Google Glass and on our own telephones.

You can’t simultaneously demand that things be recorded, and that things not be recorded.

In fact, the all bodycam all the time movement has already resulted in one lawsuit threat:

At issue is body cam video the [Spokane Police] department posted to its Facebook page Wednesday that showed how [Sergeant Eric] Kannberg was dealing with one drunken individual when another person approached him and intervened. That video subsequently went viral on Facebook, racking up tens of thousands of views in the first 24 hours.

The man who contacted Kannberg, who was arrested on a third-degree assault charge, the arrest captured on video, says the police department shouldn’t have posted the video. The man’s attorney said the department should not have posted the video before the man who was arrested had his day in court.

The police department, however, says the video they posted wasn’t private, and they did it to show the patience Kannberg displayed in trying to peacefully resolve the situation.

But now let’s lighten up, because the Sterling Crispin post was partially inspired by a futuristic fiction story that I had written in September 2014. My fiction dealt with the ramifications of unintended consequences. I’ll give you an example – before I was born, people thought that television would become the great educator, bringing audiovisual education into our own homes. By the time I was born, TV was being called a vast wasteland.

In my fiction story, I postulated that unintended consequences may also affect the movement to expose bodycam footage.

While police webcams became more popular way back in 2014 after the Ferguson incident and the Ray Rice case, some people still felt that the police were hiding something. As the years went on, more and more police departments adopted transparency rules, and by the time that Kim and Steve were enjoying their bacon-infused lunch, several police departments were not only equipping every police officer and police car with a webcam, but were also providing real-time public access to these feeds. The goal in providing these feeds was to not only provide complete transparency into police operations, but also to educate the public on the dangers that police officers faced every day as they patrolled their communities.

As with any technological advance, however, the lofty goals of the originators were soon replaced by other goals. The streams themselves became revenue sources for the police agencies, as anyone who accessed the feeds had to sit through commercials for bail bond companies, defense attorneys, and Progressive Insurance. And the audience, rather than consisting of civil libertarians monitoring police activity, ended up as a bunch of teens watching voyeuristically.

What would Jim Conley say?

Advertisements

Freedom vs. privacy – the Federal Trade Commission’s view

In my Empoprise-BI business blog, I recently introduced one possible solution to the tension between freedom and privacy.

So let me present my Empoprises Rule Regarding Recording Freedom and Privacy:

I am allowed to record anything that I want.

No one, however, is allowed to record me unless I say that it’s OK.

For some reason, some of you may think that this is not a good rule to apply to society. However, I don’t see any problem with it myself. 🙂

James Ulvog doubts that my proposal would work if it were universally adopted.

I think there may be a few little implementation issues if he ever is around another person who has also adopted his rule.

So I’ve continued to search for a better solution. My search is not only motivated by the recent discussion of Google Glass, but also because this conversation impacts upon my day job. (Needless to say, the opinions expressed in this post do not necessarily reflect the views of my employer MorphoTrak, who offers facial recognition products.)

And facial recognition, one of the technologies that happens to be offered by my employer, has popped up in a couple of instances over the last few days.

If you follow Jesse Stay on Google+, you may have noticed that he asked the following question a few days ago:

…any devs with strong facial recognition and object scanning tech experience interested in partnering on building something with my Google Glass?

In a post published today, Stay shared a possible solution:

In your Google+ account settings there’s an option to notify you if someone “Shares a photo or video with me that I might be in.” Enable that and even set it to send you an SMS when it happens. When someone takes a picture of you via Google Glass and shares it to Google+, it should notify you. Approve that, and now they know who you are.

Of course, it’s a bit of a hack, and the person you’re taking a picture of must be using Google+ and have this enabled to work, but it is a way to know who you are taking pictures of.

Basically Stay has taken two separate technologies and hacked them together to come up with a solution. The fact that both technologies are Google technologies is a happy accident; it could just as easily been technologies from different companies.

Of course, Stay’s solution only works if both people have opted in. But you may not necessarily have to opt in yourself for your data to be available to facial recognition software. This was reinforced in a recent 60 Minutes report that described an experiment by Carnegie Mellon’s Professor Alessandro Acquisti:

He photographed random students on the campus and in short order, not only identified several of them, but in a number of cases found their personal information, including social security numbers, just using a facial recognition program he downloaded for free.

And all of the protections that you personally implement regarding your data may be for naught. One example:

“One of the participants, before doing the experiment, told us, ‘You’re not going to find me because I’m very careful about my photos online.’ And we found him,” says Acquisti, “Because someone else had uploaded a photo of him.”

And that applies to other information about you, some of which is either public by design (home sales information) or public by accident (when a U.S. company accidentally leaks customer ID numbers when the numbers are in the form nnn-nn-nnnn).

Which returns us to our initial question – what is a workable way to strike a balance between freedom and privacy?

Last October Seth Colaner noted that the U.S. Federal Trade Commission (FTC) was working on the problem, and had issued a report entitled Facing Facts: Best Practices for Common Uses of Facial Recognition Technologies. According to Colaner, the report presents an issue that many of you already know – because of the combination of technology and data, it is possible to identify people who were previously anonymous.

Now the FTC does not have the power to legislate – only Congress can do that. (And, of course, it goes without saying that neither the FTC nor Congress has any legal standing outside of the United States.) But the FTC can certainly recommend, as Colaner notes.

The FTC report boils the above down into three short and sweet principles:

1. Privacy by Design: Companies should build in privacy at every stage of product development.
2. Simplified Consumer Choice: For practices that are not consistent with the context of a transaction or a consumer’s relationship with a business, companies should provide consumers with choices at a relevant time and context.
3. Transparency: Companies should make information collection and use practices transparent.

While the FTC’s recommendations are laudable, there’s another tension that prohibits wide adoption of them. And that’s not the need to strike a balance between freedom and privacy. It’s the need to strike a balance between profit and transparency.

To be continued…

Fingerprint folklore – how the Wests were won?

(Disclosure: I work in the biometrics industry. Needless to say, these are not necessarily the views of my employer.)

There are cases in which the historic significance of a moment cannot be discerned for years or decades after the event, and there are other cases in which the historic significant of a moment is immediately known.

Take the story of William West and Will West. If you’ve ever been involved in fingerprint identification, you’re familiar with the story, which discusses how the previous Bertillon method of biometric analysis was replaced with fingerprint identification. Here’s how GlobalSecurity.org told the story in 2011:

Bertillons system of identification was not without fault. For example, it relied heavily on precise measurements for identification purposes, and yet two people working on measurements for the same person would record different findings. The measurements taken were also only thought to be unique and accurate in adulthood. Therefore, someone who committed a crime prior to adulthood would not have their measurements on record. Additionally, it turned out to be the case that the features by which Bertillon based his identification system were not unique to any one individual. This led to the possibility of one person being convicted of another persons crimes. This possibility became abundantly clear in 1903 when a Will West was confused with a William West. Though it would later turn out to be the case that the two were identical twins, the issues posed by the Bertillonage system of identification were clear.

Or were they?

In 1987, Robert D. Olsen, Sr. of the Kansas Bureau of Investigation looked back at this moment, and the literature surrounding the moment. In his analysis, he discovered some things:

A search of the literature on fingerprint identification reveals that the alleged Will and William West case was not reported in print until Wilder and Wentworth’s account in 1918 (26). Please note that of the twenty–six books and articles listed in the bibliography, eighteen were published prior to the release of Wilder and Wentworth’s book and none of the eighteen mention the West case. Of particular note is that two of the items listed in the bibliography (14,15) were by the records clerk who took the Bertillon measurements and the fingerprints of Will and William West, but who never mentions the incident. One is immediately struck with the thought that a pioneer in the establishment of fingerprint identification never attached much significance to a case in which he played a very important role. Perhaps the case was not as important as we have been led to believe?

Please go here to read the remainder of Olsen’s article.

The CLPEX message board includes a thread on the entire affair. Toward the end of the thread, Gerald Clough wrote some musings regarding how the traditional story – the tale that the Will/William West case dealt an immediate blow to the Bertillon system – became so prevalent:

Well, we don’t have a whole lot of folklore in this field, and any significant activity can use (if not needs) some folklore. And you can’t keep a good story down. Historians strive for detailed and documented accuracy, and in the process usually strip an account of interest to any but other historians who, when the facts are nailed down, promptly lose interest in a problem already solved and an event that doesn’t mean much. But the stories that endure are those that distill broader truths and condense the experience of a time into a vivid and unforgettable tale.

Now most people won’t care whether fingerprints were generally accepted in 1903 or 1905 or 1918. But there are some that do. And there are some people such as Simon Cole, not revered within the fingerprint community (I’ve talked about Cole before), who believe that history may be repeating itself:

If this is indeed the beginning of the end of fingerprinting, history will be repeating itself. A century ago, fingerprinting was the upstart rival of the world’s dominant method of criminal identification: the Bertillon system, which used 11 bodily measurements, facial features, birthmarks, scars and tattoos to pinpoint individual identities. The transition to fingerprinting was treated as proof that the world was growing more rational, more discerning. But there may well come a time when our own genetically enhanced descendants find our belief in the power of fingerprinting as quaint as we find the Bertillon system.

And what is the new replacement for Bertillon’s system and the fingerprint system?

As it happens, a new metaphor has arisen just in time to fill the breach. These days we are increasingly apt to believe that our individuality is vouched for by the unique arrangement of genetic material in our cells. And DNA can now do nearly everything that fingerprinting does. Forensic scientists can recover identifiable DNA samples from ever-smaller traces of biological material, even the stray cells left by the smudge of a finger. Forensic DNA profiling, which has notably shed the early nickname of “DNA fingerprinting,” is a perfect match for high-tech millennial sensibilities. Old-style fingerprinting, with its reliance on human observation and its correspondence to a romantic notion of our place in the universe looks . . . well, just so last century.

Does anyone care to hazard a guess regarding what people will think of DNA one hundred years from now? Or fifty years from now?

Post Navigation