Securing Facial Recognition Data and Potential Risks

As federal agencies and local law enforcement continue to use facial recognition to probe for potential suspects it is also considered to be an invasion of privacy.

Foundations of Facial Recognition

Facial Recognition has been developing for a few decades, starting in the 1960s, using a mix of human graphing and computers.  A project named ‘man-machine’ was created by Woody Bledsoe, Helen Chan Wolf, and Charles Bisson which located facial features on a photograph and later inserted the coordinates onto a graphics tablet.  As these dimensions were graphed engineers would integrate them into computer software.  In 1970, facial recognition began to grow in popularity with a public demonstration of technological facial matching.  By using biometrics and computer software, developers were able to replicate three dimensional images of photographs and portraits.

Tech Funding and New Research

In 1993 the Defense Advanced Research Project Agency (DARPA) and the Army Research Laboratory (ARL) established the face recognition technology program FERET.  This program was intended to develop automatic facial recognition that would be deployed in public areas to increase public safety.  Soon after, FERET had provided DMV with their facial recognition software which was used to scan for duplicate licenses.  DMV became one of the first markets for automated facial recognition technology and later introduced to Federal prisons.  This was the first-time facial recognition technology had been sold commercially making the software public.  Later in 1997, the ‘Bochum system’ developed by Christoph von der Malsburg and the University of Bochum, Germany, had been considered for national funding by the United States Army Research Laboratory.  The software developed was called ZN-Face and later used in highly populated areas starting in banks and airports.  Since then, there have many advances involving facial recognition technology such as identification, surveillance systems and security access.

FBI and Independent Tech Companies

The Federal Bureau of Investigation has developed a distinct protocol for probing photos for potential suspects.  The FBI uses facial recognition technology databases that are strictly used for identifying national threats and high-profile crimes.  The FBI is held to the highest standards in securing facial recognition and keeping private data secured is a top priority.  The FBI undergoes audits to ensure that public probe images are secure and only used for the integrity of each investigation.  FBI policy strictly governs the circumstances in which facial recognition tools may be utilized, including what probe images may be used.

Here is a list of FBI guidelines and uses:

  • FBI uses facial recognition technology for law enforcement purposes with human review and additional investigation
  • The FBI’s use of facial recognition produces a potential investigative lead and requires investigative follow-up to corroborate the lead before any action is taken
  • Every face query is reviewed and evaluated by trained examiners at the FBI to ensure the results are consistent with FBI standards
  • The FBI is committed to ensuring that FBI facial recognition capabilities are regularly tested, evaluated, and improved
  • The FBI has partnered with NIST to ensure algorithm performance is evaluated

Once an application has gone public developers are always ready to utilize new technology.  When new programs are released, often times security protocols can be overlooked and neglected.  For years, law enforcement has used probe sketches of potential suspects to help identify the culprit.  Law enforcement has decided to utilize these resources without proper notification of their subjects.  A private company called ClearView has developed the largest database of public profiles generating 3 billion images captured from the internet.  Many citizens have no idea that their photographs have been secured in private or public databases, for later use.  Also, DeepFace is a deep learning facial recognition system created by a research group at Facebook.  The system is said to be 97% accurate, compared to 85% for the FBI’s Next Generation Identification system.  Private tech companies and emerging apps are gathering and storing public profiles with facial recognition data without permission from the owner.

Securing Personal Data

Securing sensitive information is always a priority, but unfortunately private companies collecting facial recognition data have gone unchecked.  Failing to undergo extreme scrutiny could become a major risk for the public.  Many law enforcement agencies are using this tech, but the public should know how and when these programs are being used.  Potential risks can be tragic, false accusations through photographs, incarceration of innocent people, photo manipulation and breach of privacy.  Surveillance systems have been around for decades and facial recognition technology is improving.  San Francisco has banned the use of facial recognition technologies because it goes against the US Constitution (4th Amendment) and privacy laws.  It is up to the public to stay informed and secure your identity by not consenting to use facial recognition applications.  New applications are often required to gain consent of the user’s camera and access photographs stored in their phone.  Once given consent these photographs are accessible to cyber attacks and can become detrimental to the user.  It is extremely important to understand when consent is appropriate and know how your personal information is being accessed.



Facial Recognition flickr photo by mikemacmarketing shared under a Creative Commons (BY) license