Entries Tagged "privacy"

Page 85 of 145

Developments in Facial Recognition

Eventually, it will work. You’ll be able to wear a camera that will automatically recognize someone walking towards you, and a earpiece that will relay who that person is and maybe something about him. None of the technologies required to make this work are hard; it’s just a matter of getting the error rate down low enough for it to be a useful system. And there have been a number of recent research results and news stories that illustrate what this new world might look like.

The police want this sort of system. I already blogged about MORIS, an iris-scanning technology that several police forces in the U.S. are using. The next step is the face-scanning glasses that the Brazilian police claim they will be wearing at the 2014 World Cup.

A small camera fitted to the glasses can capture 400 facial images per second and send them to a central computer database storing up to 13 million faces.

The system can compare biometric data at 46,000 points on a face and will immediately signal any matches to known criminals or people wanted by police.

In the future, this sort of thing won’t be limited to the police. Facebook has recently embarked on a major photo tagging project, and already has the largest collection of identified photographs in the world outside of a government. Researchers at Carnegie Mellon University have combined the public part of that database with a camera and face-recognition software to identify students on campus. (The paper fully describing their work is under review and not online yet, but slides describing the results can be found here.)

Of course, there are false positives—as there are with any system like this. That’s not a big deal if the application is a billboard with face-recognition serving different ads depending on the gender and age—and eventually the identity—of the person looking at it, but is more problematic if the application is a legal one.

In Boston, someone erroneously had his driver’s licence revoked:

It turned out Gass was flagged because he looks like another driver, not because his image was being used to create a fake identity. His driving privileges were returned but, he alleges in a lawsuit, only after 10 days of bureaucratic wrangling to prove he is who he says he is.

And apparently, he has company. Last year, the facial recognition system picked out more than 1,000 cases that resulted in State Police investigations, officials say. And some of those people are guilty of nothing more than looking like someone else. Not all go through the long process that Gass says he endured, but each must visit the Registry with proof of their identity.

[…]

At least 34 states are using such systems. They help authorities verify a person’s claimed identity and track down people who have multiple licenses under different aliases, such as underage people wanting to buy alcohol, people with previous license suspensions, and people with criminal records trying to evade the law.

The problem is less with the system, and more with the guilty-until-proven-innocent way in which the system is used.

Kaprielian said the Registry gives drivers enough time to respond to the suspension letters and that it is the individual’s “burden’” to clear up any confusion. She added that protecting the public far outweighs any inconvenience Gass or anyone else might experience.

“A driver’s license is not a matter of civil rights. It’s not a right. It’s a privilege,” she said. “Yes, it is an inconvenience [to have to clear your name], but lots of people have their identities stolen, and that’s an inconvenience, too.”

IEEE Spectrum and The Economist have published similar articles.

EDITED TO ADD (8/3): Here’s a system embedded in a pair of glasses that automatically analyzes and relays micro-facial expressions. The goal is to help autistic people who have trouble reading emotions, but you could easily imagine this sort of thing becoming common. And what happens when we start relying on these computerized systems and ignoring our own intuition?

EDITED TO ADD: CV Dazzle is camouflage from face detection.

Posted on August 2, 2011 at 1:33 PMView Comments

ShareMeNot

ShareMeNot is a Firefox add-on for preventing tracking from third-party buttons (like the Facebook “Like” button or the Google “+1” button) until the user actually chooses to interact with them. That is, ShareMeNot doesn’t disable/remove these buttons completely. Rather, it allows them to render on the page, but prevents the cookies from being sent until the user actually clicks on them, at which point ShareMeNot releases the cookies and the user gets the desired behavior (i.e., they can Like or +1 the page).

Posted on July 28, 2011 at 2:02 PMView Comments

Data Privacy as a Prisoner's Dilemma

Good analysis:

Companies would be better off if they all provided meaningful privacy protections for consumers, but privacy is a collective action problem for them: many companies would love to see the ecosystem fixed, but no one wants to put themselves at a competitive disadvantage by imposing unilateral limitations on what they can do with user data.

The solution—and one endorsed by the essay—is a comprehensive privacy law. That reduces the incentive to defect.

Posted on July 28, 2011 at 6:27 AMView Comments

Cryptography and Wiretapping

Matt Blaze analyzes the 2010 U.S. Wiretap Report.

In 2000, government policy finally reversed course, acknowledging that encryption needed to become a critical part of security in modern networks, something that deserved to be encouraged, even if it might occasionally cause some trouble for law enforcement wiretappers. And since that time the transparent use of cryptography by everyday people (and criminals) has, in fact, exploded. Crypto software and algorithms, once categorized for arms control purposes as a “munition” alongside rocket launchers and nuclear triggers, can now be openly discussed, improved and incorporated into products and services without the end user even knowing that it’s there. Virtually every cellular telephone call is today encrypted and effectively impervious to unauthorized over-the-air eavesdropping. Web transactions, for everything from commerce to social networking, are now routinely encrypted end-to-end. (A few applications, particularly email and wireline telephony, remain stubbornly unencrypted, but they are increasingly the exception rather than the rule.)

So, with this increasing proliferation of eavesdrop-thwarting encryption built in to our infrastructure, we might expect law enforcement wiretap rooms to have become quiet, lonely places.

But not so fast: the latest wiretap report identifies a total of just six (out of 3194) cases in which encryption was encountered, and that prevented recovery of evidence a grand total of … (drumroll) … zero times. Not once. Previous wiretap reports have indicated similarly minuscule numbers.

I second Matt’s recommendation of Susan Landau’s book: Surveillance or Security: The Risks Posed by New Wiretapping Technologies (MIT Press, 2011). It’s an excellent discussion of the security and politics of wiretapping.

Posted on July 27, 2011 at 2:10 PMView Comments

Protecting Private Information on Smart Phones

AppFence is a technology—with a working prototype—that protects personal information on smart phones. It does this by either substituting innocuous information in place of sensitive information or blocking attempts by the application to send the sensitive information over the network.

The significance of systems like AppFence is that they have the potential to change the balance of power in privacy between mobile application developers and users. Today, application developers get to choose what information an application will have access to, and the user faces a take-it-or-leave-it proposition: users must either grant all the permissions requested by the application developer or abandon installation. Take-it-or-leave it offers may make it easier for applications to obtain access to information that users don’t want applications to have. Many applications take advantage of this to gain access to users’ device identifiers and location for behavioral tracking and advertising. Systems like AppFence could make it harder for applications to access these types of information without more explicit consent and cooperation from users.

The problem is that the mobile OS providers might not like AppFence. Google probably doesn’t care, but Apple is one of the biggest consumers of iPhone personal information. Right now, the prototype only works on Android, because it requires flashing the phone. In theory, the technology can be made to work on any mobile OS, but good luck getting Apple to agree to it.

Posted on June 24, 2011 at 6:37 AMView Comments

New Airport Scanning Technology

Interesting:

Iscon’s patented, thermo-conductive technology combines infrared (IR) and heat transfer, for high-resolution imaging without using any radiation. The core of this is state of the art imaging which detects and processes a break in the established thermal balance between the clothes and a hidden object. The IR camera detects the heat radiating from even a tiny object, producing a dark/light shape. It is irrelevant how long an object is concealed under clothing as a new temperature imprint is created every time it is scanned. Using IR, the rays don’t penetrate beyond the clothing so there are no privacy issues.

EDITED TO ADD (6/14): Another article.

I know no details.

Posted on June 10, 2011 at 6:14 AMView Comments

1 83 84 85 86 87 145

Sidebar photo of Bruce Schneier by Joe MacInnis.