No one asked Mark Zuckerberg about facial recognition when he visited the US Congress on April 10. He offered it as part of his response to questions about privacy when he said Facebook users should give “affirmative consent”when it comes to “technologies like facial recognition.” So why did he mention facial recognition at all? Is it that powerful? What can you do with facial recognition? What can we – anyone– learn from the pictures we post on LinkedIn, Facebook, Google and Instagram? Or the pictures routinely taken of us, our friends and families? Could I write an analytics application that could identify you and infer things – lots of things– about you from your picture? (Note that Facebook is actually fighting “affirmative consent” when it comes to facial recognition.)
I don’t have to write that app because others already have, with many more on the way. VentureRadar and other companies report well over fifty companies have developed facial recognition (FR) applications that can be used to track how often parishioners go to church or students attend class. Some of these applications use a simple technology to identify facial characteristics and some use more sophisticated technology – like machine learning – to identify faces and then infer behavioral preferences and other personal characteristics that enable facial recognition analytics (FRA). While type 1 facial recognition is concerning, type 2 is frightening, which is why I was surprised Zuckerberg even uttered the term especially to an “older” audience like the US Congress. Or maybe he uttered the phrase precisely because the audience was older. Instead of stopping the witness immediately to ask, “Wait, what did you say? What’s facial recognition? Should we be worried about it?," the Committee failed to grasp the significance of the moment – or the technology, which the Wall Street Journal reported on April 9 that “Alibaba (NYSE:BABA) leads a $600M Series C round in facial-recognition startup SenseTime Group, which a WSJ source says values the company at over $4.5B.” SenseTime is a Chinese company and the investment is consistent with what the New York Times describes as China’s goal “to become the world leader in artificial intelligence and create an industry worth $150 billion to its economy by 2030.”
Facial recognition makes transactions go faster, makes us safer at airports and even helps us find missing children, but it also represents the latest threat to a growing assault on our privacy. But unlike all of the other threats – like fingerprinting, blood samples, location-based services and retina scans – facial recognition is a biometric authentication tool that needs no consent. It just happens. Sometimes we deliberately trigger it, but sometimes we're recognized without our knowledge, consent or approval. That said, companies will adopt FR as quickly as the business models define the ROI: if it saves/makes money, it will be deployed (though not in Europe under the terms of the GDPR – the General Data Protection Regulation – which goes into effect at the end of May).
Amplifying the power of FRA is the application of artificial intelligence (AI) where inferences about human characteristics and behaviors can be made from facial images. The FRA/AI marriage will further weaken privacy, where simple images of our faces – which are everywhere – will be used – independently or combined with other personal data – to determine what we like to buy, how old we are, what diseases we may have, when we're hungry, who we like and where we live. This will all be done by matching, correlating and analyzing at-rest and streaming facial images and other at-rest/streaming data collected and analyzed over time as FRA is used by more and more vendors to accelerate transactions – and collect and generate more and more valuable data about our personalities, personal preferences, locations, patterns and behaviors.
What should concern us about FRA is its additive threat to privacy. We willingly and unwillingly share so much personal information about ourselves, our friends and families which then provides the means to personal analytics. The web sites we frequently visit – Facebook, Amazon, LinkedIn, Google, Apple, Twitter – among many others – package, use and sell this information (directly or through data aggregators) to manipulate our behavior. FRA makes our lives easier, more transparent and easily more manipulated. Another digital conundrum? Not really. The evidence around the negative privacy case is mounting. Without legislation – like what the Europeans have done with GDPR – privacy will continue to retreat in the US. Facial recognition analytics (FRA) is just another attack on weakening resistance in the US to the protection of our personal and professional privacy. Even “older” Congressmen, Congresswomen and Senators should understand this aspect of the digital world. Well, at least some of them should.
