The privacy cat is already out of the bag once someone uploads a photo of you without your consent. That's the root behavior that should be corrected, and it's hard because the onus is on the privacy-conscious user, to get everyone else's cooperation. The facial recognition just adds even more privacy-questionable metadata.
My dream facial recognition feature for Facebook would be to allow me, as a non-user of Facebook, to upload some hash of my face and direct Facebook to disallow any user from uploading a picture with my face in it.
Not radical enough. It should be an opt-in rather opt-out.
A public website should verify that every person on the photo consented to being publicly displayed. Otherwise their faces should be pixelated.
I can certainly see things going that way in EU within a decade.
I don't want every public website (and who else?) to have access to the perceptual hash of my face to identify it in uploaded pictures to ask me for opt-in.
In the USA at least, there is no legal expectation of privacy on a public street. So, for news reporting purposes, you can publish photos of a crowd in public. However, as soon as you step onto private property, this changes. Even at places like shopping malls and stores, the owner of that place can take your photo for security, but cannot publish it, and it is not kosher for photographers to take photos of customers in these settings and publish them without getting a signed model release form the subject of the photo. Likewise, a photographer should get explicit permission for any other private spaces such as homes.
However, as soon as you step onto private property, this changes. Even at places like shopping malls and stores, the owner of that place can take your photo for security, but cannot publish it, and it is not kosher for photographers to take photos of customers in these settings and publish them without getting a signed model release form the subject of the photo.
You're on the right track, but it's somewhat more complicated than that. There are plenty of times when you can be on private property and it's perfectly legal for someone to publish your photo.
Two companies I've worked for have brought in lawyers for staff training on this. It's nuanced.
> In the USA at least, there is no legal expectation of privacy on a public street.
Depends on the state. In Massachusetts, for example, expectation of privacy doesn't matter. What matters is whether the recording was secret or not. Note that "secret" doesn't mean "the subject knew", it means "the subject could have known." If you're walking around with a zoom lens and a camera taking pictures of someone a block away who has no idea? Not secret. If you're in front of me with a camera hidden in your tie pin? Secret.
Security camera on the side of the building? Not secret. Security camera hidden on the side of the building made to look like a bird's nest? Secret.
> So, for news reporting purposes, you can publish photos of a crowd in public.
There's generally much wider latitude for use of a person's image in relation to press coverage of a newsworthy event.
> However, as soon as you step onto private property, this changes.
Not in Massachusetts, where secretly recording someone is illegal, period.
> it is not kosher for photographers to take photos of customers in these settings and publish them without getting a signed model release form the subject of the photo
Publishing is not a very relevant term. People have a right to control "commercial use" of their image.
In theory one could build a perceptual hash that had a universal opt-in. But I’m skeptical such a scheme could avoid collisions (e.g. identical twins) or perhaps even doppelgänger-like strangers.
Not exactly. From the perspective of building data of concern, simply uploading photos won't do that. Uploading photos just potentially creates databases of rando faces.
It is the tying of these faces to a name (identity) that's the challenge. Further, the crucial data comes from a human's act of tagging a person in a photo.
Is facial recognition so good that it can distinguish you from a billion other people? I assumed the photo recognition relied on the social graph i.e. to look for your friends or friends of friends in your pictures.
Subjective answer: Any data that has the potential for abuse regarding privacy will eventually find its way to being abused. Providing said feature requires curating the dataset necessary to power it. How can we trust companies beholden to quarterly earnings to do the right thing when financial motivations inform 100% of their actions? We can't.
Unless regulation is brought, they're going to do it anyway. The companies are absolutely going to be doing facial recognition and use that data, they just will be doing it without exposing the use of it to us.
Yes, there is. Instead of publicly auto-tagging you on the photo, FB could notify you that someone had uploaded a photo of you, and offer you to either:
1. Tag yourself on the photo
2. Censor yourself from the photo (blur, pixelate, black rectangle, whatever)
Voilá, now the same feature is used to give control over your data.
Here is an interesting question. Is it at that point your data? Wouldn't it be the data of who ever took the photo? Why would it belong to you just because you are in the photo?
I think giving users power over auto tagging make sense. But giving users power over other people's photos is a terrible idea.
Well, honestly, you shouldn't be giving other peoples' likenesses to big corporations under worldwide non-exclusive license agreements without a signed model release consent form. However, enforcing this is almost impossible.
But really, morally, you should never give anyone else's face to a corporation without their explicitly requesting you to upload the photo to a site.
