The Perfect Storm: Facial Recognition

Data PrivacyPrivacyRisk Management
Written By Hosch & Morris

Privacy Plus+

Privacy, Technology and Perspective

The Perfect Storm: Facial Recognition.  Every week it seems that facial recognition and related AI make headlines, but these technologies remain unregulated by federal law. Moreover, police departments and agencies like Homeland Security continue to contract for commercial facial recognition technologies.  Highlights from this week’s news illustrate that paradox.

Clearview AI Massively Expands: The controversial facial recognition company, Clearview AI, continues its “great success” with commercializing its technologies and database, even though such development has its foundation built on images scraped from the Internet, and, in particular, websites like Facebook.  For background on Clearview AI, you can read our previous post, “Clear Views about Clearview AI”, by clicking on the following link:

https://www.hoschmorris.com/privacy-plus-news/clear-views-about-clearview-ai

Just this week, the Washington Post reported that Clearview AI’s massive database now contains almost 100 billion images. A link to that article follows:

https://www.washingtonpost.com/technology/2022/02/16/clearview-expansion-facial-recognition/

In other words, Clearview AI will soon have the equivalent of 14 photos for each of the 7 billion people on Earth.  Furthermore, its selling its product and services to governmental entities for surveillance purposes.  

Texas Sues Meta/Facebook:  This week, Texas sued Meta/Facebook for its alleged “deception, lies, and brazen abuses of Texans’ Privacy Rights,” invoking both Texas’s oft-dormant biometric privacy act, addressing the “Capture or Use of Biometric Identifier” (Tex. Bus. & Com. Code § 503.001) and its Deceptive Trade Practices Act (Tex. Bus. & Com. Code §§ 17.41 et seq.). 

A link to the Original Petition filed in state court follows:

https://texasattorneygeneral.gov/sites/default/files/images/child-support/State%20of%20Texas%20v.%20Meta%20Platforms%20Inc..pdf

And you can also click on the following link to the Texas biometric privacy statute, which generally prohibits the disclosure of biometric identifier absent consent or the use of a warrant, and requires the protection of such information and its deletion within a reasonable time, imposing civil penalties for failure to comply:

https://statutes.capitol.texas.gov/Docs/BC/htm/BC.503.htm

The Petition against Facebook is worth the read for, among other things, zingers like this:

  • - “The scope of Facebook’s misconduct is staggering.”

  •  - “[F]or over a decade, while holding itself out as a trusted meeting place for Texans to connect and share special moments with family and friends, Facebook was secretly capturing, disclosing, unlawfully retaining—and profiting off of—Texans’ most personal and highly sensitive information: records of their facial geometries, which Texas law refers to as biometric identifiers.”

  •   - “Also unbeknownst to users, Facebook was disclosing users’ personal information to other entities who further exploited it.”

  • - “For Texans who did not use Facebook’s social-media services, Facebook was still capturing hundreds of millions of biometric identifiers from photos and videos innocently uploaded by friends and family who did use Facebook.  There was no way for such non-users to know of or contest this exploitation.”

Our Perspective: We think that the Texas suit comes curiously late, considering Meta/Facebook already claims to have abandoned its use of facial recognition technologies, and already has paid $650 million to settle a suit under Illinois’s Biometric Information Privacy Act as well as billions in fines to the Federal Trade Commission for failing to sanitize its privacy practices.  Addressing the past bad behavior of Facebook doesn’t address the real problem at this moment, which is that many governments, governmental entities, and others are looking for someone to blame for wildly rampant facial recognition, rather than pushing for comprehensive regulation.  In doing so, they are either ignoring their role in perpetuating the problems associated with facial recognition or ignorant of the fact that they play role.

Until we have a coherent, comprehensive, and unified strategy and response to the use of facial recognition technologies, those technologies will be unreasonably dangerous to the privacy interests of ordinary people and shouldn’t be used at all for the purpose of surveillance, especially by government. If Texas really wants to protect Texans’ privacy, perhaps it could follow San Francisco’s lead by banning the use of facial-recognition technologies by police and local government agencies, as well as by banning the commercialization of and the use of these tools by private companies for surveillance purposes.

---

Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.

 

Hosch & Morris https://hoschmorris.com
Previous

Prepping for Cyber-Attacks
Next

Europe to Meta/Facebook: “You want to leave?  Fine. Leave.”