Privacy Groups Leave Over Dispute on Facial Recognition Software

Published on

SAN FRANCISCO—Consumer groups that believe companies like Facebook need to get individuals' permission before their images can be identified using increasingly advanced facial recognition technology have abandoned talks to create a voluntary code of conduct for the controversial software.

"This isn't just your anonymous online profile. It's you—they're tracking your face," said Jeffrey Chester with the Center for Digital Democracy, one of the groups.

Facial recognition software automatically identifies individuals in a digital image by comparing facial features in the image and a database. It allows computers to link a person's name to their face in photos or video.

The discussion was being organized by the National Telecommunications and Information Administration, a division of the Department of Commerce.

As part of the process, industry and privacy groups had been meeting for 18 months to create a voluntary Code of Conduct around the use of facial recognition software in commercial contexts. The NTIA successfully created a voluntary code for mobile apps last year.

However, a code for facial recognition software looks to be in trouble after most of the consumer and privacy groups involved in the discussion announced Tuesday they're leaving the group.

The groups that left included the Center for Democracy & Technology, the Center for Digital Democracy, the Consumer Federation of America, the Electronic Frontier Foundation, the American Civil Liberties Union, Consumer Action and Consumer Watchdog.

While such voluntary codes don't carry the force of law, if a company agreed to one and then didn't abide by it, it would be open to Federal Trade Commission enforcement.

OPT IN OR OPT OUT

Chester said the consumer groups realized they saw opt-in as the baseline, while companies wanted opt-out.

Opt in would require companies to ask permission before using the software on a person's image. Opt out would require people to tell each company they didn't want their images identified.

"The position that companies never need to ask permission to use biometric identification is at odds with consumer expectations, current industry practices, as well as existing state law," the group's letter, released Tuesday, said.

"We were disappointed that some of the public interest group have decided to step out of the process," said John Morris, associate administrator of NTIA's Office of Policy Analysis and Development.

The walkout comes amidst sharpened concerns over people's privacy, with new photo apps appearing that promise to view and tag by name billions of images.

On Monday, Facebook rolled out its new Moments photo app, which makes use of powerful facial recognition features to identify who is in a given picture. Google announced a similar app earlier this month.

In the Facebook app, in order to avoid having their pictures recognized, users must go into their Facebook settings and turn tagging off.

However most users don't have the "time or awareness" to understand the complex privacy policies they click to agree online or in apps," said Marc Rotenberg, a privacy advocate with the Electronic Privacy Information Center in Washington D.C. EPIC is not a part of the NTIA discussion.

It's the power of facial recognition software that worries privacy advocates.

"Facebook for years has insisted on turning on facial recognition by default, where other services have the user turn it on by choice. …. So they are essentially creating one of the largest collections out there, because so few people opt out of it," said Alvaro Bedoya, executive director on the Center on Privacy and Tech at Georgetown Law.

Facial recognition software can be used in a wide variety of situations. For examples ATMs could use cameras to verify that the person in front of the machine was the holder of the card being used. Stores could identify known shoplifters are they came through the door.

But privacy advocates worry it could also be used to market or track consumers when they imagine themselves to be anonymously walking down the street or browsing in a store.

Some in the coalition said they'd doubted that companies would ever voluntarily agree to give up a possible marketing edge.

"The multi-stakeholder process was doomed from the start. Companies had no real incentive to develop a code with meaningful protections," said John Simpson, the privacy project director for the group Consumer Watchdog.

There is currently no federal privacy legislation regarding the commercial use of facial recognition software, though Illinois and Texas have state laws governing it on their books.

The administration released a privacy blueprint with proposed legislation in February but it has not yet been introduced into Congress.

Latest Report

Support Consumer Watchdog

Subscribe to our newsletter

To be updated with all the latest news, press releases and special reports.