Could Law Enforcement Leverage Facebook to Identify You?
Privacy advocates raise concerns about authorities leveraging your information.
Nov. 3, 2013 -- Facebook's privacy policies have always been the subject of debate among its users -- especially when they change, as they did this month for underage users. After all, when you're putting so much information online where anyone can see it, how upset can you be when the public sees it?
But what if "the public" is law enforcement, and their idea of fair use is uploading all your pictures into a vast database used to identify persons of interest in crimes? As a former member of the New Jersey Office of the Attorney General, I'm in favor of catching the bad guys -- just not at the expense of the privacy rights of every other American.
The feasibility of such a scenario, while common in television shows like "Blacklist," "NCIS" and even "Person of Interest," isn't a reality, yet -- but a new report by Martin Kaste at NPR shows that it might be possible, even in the near future. As he wrote, "Last year, Facebook bought Face.com, whose company's founders had published a paper titled 'Leveraging Billions of Faces to Overcome Performance Barriers in Unconstrained Face Recognition.'"
Read More: Teens Are Leaving Facebook And This is Where They Are Going
And while University of Washington computer expert Neeraj Kumar told Kaste that the technology doesn't yet exist to upload the billions of pictures on Facebook into a law enforcement database, there are plenty of databases available for their use that contain thousands of pictures. In fact, Kumar admitted that the biggest problem with facial recognition is matching poor-quality surveillance footage with the large database of pictures the police are allowed to utilize: mug shots.
But what if law enforcement was allowed to use a large database of pictures from multiple angles -- like the ones created when we "tag" Facebook photos? They could build what Kumar called "models," exponentially improving the accuracy of existing facial recognition.
When Law Enforcement and Privacy Collide
That's what was apparently behind the thinking in the state of Ohio, which recently grabbed all the photos from driver's licenses issued in the state and uploaded them into their facial recognition system. It was only after the system went live -- and after police used it 2,600 times -- that the Ohio Attorney General thought it might be a good idea to establish an advisory panel to help safeguard people's privacy.
The Ohio database threw new light on Sen. Al Franken's (D-Minn.) concerns expressed during a hearing last year into the privacy concerns associated with facial recognition software. FBI deputy assistant director Jerome Pender testified that the FBI's database -- which didn't include pictures from sites like Facebook -- contained 12.8 million photographs, and Maneesha Mithal, the Associate Director of the Division of Privacy and Identity Protection at the Federal Trade Commission, promised the agency was "studying" the privacy concerns of facial recognition technologies for companies like Facebook, whose users add 2.5 billion photos a month to the service.
Facebook responded, saying that their encryption wouldn't allow third parties to access their photos database -- though, in 2013, their new "graph search" might do just that.
What This Means for You
So what is the average Facebook user to do? All we privacy advocates can do is tell you to turn up your privacy controls only allowing friends to see your pictures, making sure you approve any photo tags before others can see them and limiting the photos you decide to post. But, of course, that makes things less convenient. And, based upon the tsunami of disclosures regarding NSA snooping, doing so may not prevent the government from accessing your photos anyway.
In an interview with the Smithsonian on Friday, one of the men behind the dystopian surveillance-state TV series "Person Of Interest" -- who is intimately aware of the potential vulnerabilities of participating in the surveillance culture -- talked about the trade-offs between what he knows to be smart security and what is increasing the normal level of connectedness online.
Greg Plageman, the executive producer on "Person of Interest," told the Smithsonian, "There's a bit of a scare, and we all react and say, wait a minute, do I need to be more privacy-conscious in terms of how I operate technology? And the truth is it's a huge pain in the ass. I've tried a couple of these web-surfing software [services], but it slows things down. Eventually, if you want to be a person that's connected, if you want to stay connected to your colleagues and your family, you realize that you have to surrender a certain amount of privacy."
"In terms of whether or not we're entering another era, it's difficult to say when you realize that the assault on privacy is both public and private now. It's Google, it's Facebook, it's what you voluntarily have surrendered," he said.
Adam Levin is chairman and cofounder of Credit.com and Identity Theft 911. His experience as former director of the New Jersey Division of Consumer Affairs gives him unique insight into consumer privacy, legislation and financial advocacy. He is a nationally recognized expert on identity theft and credit.