Link's effort to change the now 10-year-old Biometric Information Privacy Act came as lawsuits were being filed by Illinois residents accusing Facebook of improperly using digital facial recognition in photo tagging.
Another example comes from Seattle-based tech company RealNetworks, where Mike Vance, senior director of product management, has received dozens of recent queries from K-12 schools across the nation seeking to participate in RealNetworks’ Secure, Accurate Facial Recognition (SAFR) program.
Earlier this week, the DEA issued a solicitation for “concealments made to house network PTZ [Pan-Tilt-Zoom] camera, cellular modem, cellular compression device,” noting that the government intended to give the contract to Obsidian Integration LLC, an Oregon company with a sizable number of federal law enforcement customers.
Amazon marketed its facial recognition tools to Orlando’s police department, providing tens of thousands of dollars of technology to the city at no cost, and shielding the Rekognition pilot with a mutual nondisclosure agreement that kept its details out of the public eye.
Making the risk of data breach even greater, law enforcement often stores its iris biometrics on databases operated by vendors and other private third parties.
“We never felt at ease with that because it could be used for discrimination.” The general manager of Saskatoon’s Centre Mall, David Bubnick, says via email that the aggregated information helps “identify visitor trends, which helps us determine our retail mix and offer new retailers and services to suit the community.” A Cineplex Digital Media spokesperson echoed the reassurance, adding “there is no personal identification, no pictures stored and no tracking or profiling of individuals.”
It goes on top of a law passed in 2016 that mandates ISPs store 6 months of IP address connection data and makes it very clear that your internet traffic is available to be monitored.
The documents, obtained by BuzzFeed News via a Freedom of Information request, show that Amazon marketed its facial recognition tools to Orlando’s police department, providing tens of thousands of dollars of technology to the city at no cost, and shielding the Rekognition pilot with a mutual nondisclosure agreement that kept its details out of the public eye.
Amazon is trialling a shop in which there are no checkouts: store CCTV cameras detect when shoppers pick up items, and users are billed via an app. Some of these systems are used for security, while others use facial recognition on CCTV footage to track where customers go within a shop.
I think, Matthew, you and I were talking about this earlier about, what was it, something like 15 million Chinese people have been placed on, because of their low score on one of these systems, they have been banned from being allowed to buy plane tickets or to ride trains.
Under the TSA plan, which reads like a parody of warnings against “slippery slopes” in the expansion of surveillance technology, the agency would first streamline its partnership with the Customs and Border Protection’s new biometric exit program, which matches certain international travelers with their passport photos at the aircraft gate.
Today the US Transportation Security Administration released a detailed TSA Biometric Roadmap for Aviation Security & the Passenger Experience, making explicit the goal of requiring mug shots (to be used for automated facial recognition and image-based surveillance and control) as a condition of all domestic or international air travel.
In our own work, we’ve identified and criticized many different and dangerous ways that industry and government are collecting, using, and sharing our personal information, and this is largely due to infrastructure that has been created for the purpose of exploiting our data.
It’s an example of how manufacturers can build voice-controlled devices using the Alexa Connect Kit, “without worrying about managing cloud services, writing an Alexa skill, or developing complex networking and security firmware,” as Amazon says.
Tencent highlighted that many users had previously voiced concerns about the idea of it using facial ID checks in games and said it would evaluate the results of the real-world trial "in depth".
Vance, a senior director of product management at the Seattle tech company, leads the team that created Secure, Accurate Facial Recognition — or SAFR, pronounced “safer” — a technology that the company began offering free to K-12 schools this summer.
Facial-recognition technology poses a unique surveillance threat and is being deployed without adequate privacy protections. In the wake of a terrorist attack or other violent incident, we should expect CBP to collect and share more data, including facial images, with other law enforcement agencies.
"On my PC, and in my many test cases, WaitList.dat contained a text extract of every document or email file on the system, even if the source file had since been deleted," Skeggs revealed in an interview with ZDnet.com.
Despite the intrinsic sensitivity of such personal data, there are no firm rules governing the use of facial recognition technologies (FRTs), and notwithstanding efforts by CDT and others, there are no federal laws regulating the collection, retention, and sharing of biometric information.
(Amazon’s Echo Show and Google-powered smart displays don’t identify users’ faces, though some security cameras do.) The device will have a privacy shutter to disable the camera tracking, but amazingly, Facebook may have only thought to include this in response to its own recent privacy scandals.
According to digital forensics and incident response expert Barnaby Skeggs, there is a file in Windows 8.1 and Windows 10 operating systems, called WaitList.dat, that can collect sensitive information, such as email text and passwords, such a manner that many users might not know about it.
At the same time, on Thursday, Union Home Minister Rajnath Singh said that security agencies are trying to get new software tools with face recognition capabilities to dig into social media to track criminals.
This file is named WaitList.dat, and according to Digital Forensics and Incident Response (DFIR) expert Barnaby Skeggs, this file is only found on touchscreen-capable Windows PCs where the user has enabled the handwriting recognition feature [1, 2] that automatically translates stylus/touchscreen scribbles into formatted text.
In the run-up to the Commonwealth Games on the Australian Gold Coast in April 2018, Queensland’s privacy commissioner took issue with the proposed use of facial recognition technology to “pick out suspected terrorists.” He compared the level of intrusion to how China and Russia routinely ignore privacy concerns.
Because retaining biometric data is deemed in opposition with a citizen’s right to privacy, the Scottish government is taking the approach that following the end of a prescribed retention period all records will be deleted, including those held as backup or copied and stored elsewhere.
What lies behind these links is a cavalcade of disclosures of how businesses across the internet track us, target us and trade our information.