Ask The Expert
Ask the Expert: Is Facial Recognition Technology a Violation of Privacy?
Earlier this year, the Transportation Safety Administration (TSA) piloted facial recognition technology in a handful of airports across the U.S. The pilot is part of a voluntary check-in process, allowing passengers to quickly verify their identity at security checkpoints while avoiding long lines. However, as it often does, the use of facial recognition technology prompted an outcry from people worried about privacy.
Facial recognition technology has become a political hot button in security, but many of the concerns don’t make sense — especially in the context of facial recognition being used by private businesses for security and access control.
Why arguments against facial recognition don’t make sense
The privacy arguments against facial recognition are arguments we’ve already had in the security industry.
Cameras, which are now considered to be a staple of security technology, caused many of the same privacy concerns we’re now hearing about facial recognition: people were worried about their image being captured, about spying, and about being misidentified and charged with a crime they did not commit. There were concerns that no one would want to work in an environment where they were being filmed.
Yet despite these concerns, cameras are ubiquitous now. Homes use cameras in their Ring doorbells. Some cars have cameras. A business is now considered negligent if it does not use cameras to monitor its sites. We use camera footage as evidence in criminal investigations.
Facial recognition offers many of the same benefits as cameras, along with the potential for greater accuracy, which should be good news for those who are concerned about being misidentified.
To understand the benefits, however, it may help to understand how facial recognition is being used by private businesses.
Use cases for facial recognition in private business
There are two primary reasons a business might want to use facial recognition.
Access control: Large enterprises and other organizations with closed sites are likely to use facial recognition to verify your identity before allowing a person on-site. Like the TSA, access control algorithms will compare a person’s face to the photos they have on file. This is something we already do with badges, except it’s an officer verifying the photo. This form of access control may also mean that employees won’t need to carry badges at some sites, which is a benefit because badges are often lost or stolen.
Identifying criminals: Retail establishments are likely to use facial recognition to identify thieves and other troublemakers. If someone has stolen from a store, the facial recognition technology will flag them in the system and alert the staff if the person returns. At the least, this will prevent a thief from returning to a store, but it may also help retailers prosecute those who have stolen. Once again, this is something that is already done; camera footage, photos, and eye witnesses already identify and bar known criminals from returning to some stores. The benefit is greater accuracy.
In both cases, any person who is being identified is on the business’s property. The company has the right to verify their identity.
What are people saying about facial recognition?
Below are some of the most common arguments against facial recognition:
“Facial recognition technology violates my privacy”: When we are in public, our images aren't protected. We can be photographed or videoed in any public place without permission. People may recognize us on the street, in photos, and in videos. Facial recognition is simply an extension of this.
“Law enforcement has no right to store someone’s image”: Yes - any technology can conceivably be misused. However, the ability of law enforcement to use a tool like facial recognition outweighs the negatives. Put yourself in the victims’ shoes; if facial recognition can be used to solve a loved one’s murder, why wouldn’t we use it? I agree that systems have been misused in the past, and there are controls that should be put in place to ensure that these issues do not arise.
“Facial recognition is likely to misidentify people”: This is something that already happens with people and with technology or without. How many times have access control badges not worked? How many eyewitnesses have misidentified someone? Nothing is 100% foolproof, but facial recognition is much more accurate than human beings or other technologies. Just remember a person can identify a suspect and many studies have shown that humans can make many mistakes including misidentification of a random person over the actual suspect.
“Facial recognition can be tricked with masks or hats”: So can cameras. So can human beings. Facial recognition is no more trickable than the naked eye.
“My face could be stolen and used for a deepfake”: Your face is likely already online. If a criminal wants to steal your image, it’s easier to go to a profile on social media and use images or videos you posted there. As for personal information being stolen from a company, there are many other important pieces of personal data at risk from cyber criminals. Companies need to take precautions to protect them all, including people’s faces.
Facial recognition is just a tool
Like any new technology, facial recognition is a tool. Any technology can be used for nefarious purposes. A few years ago, there were concerns about drones. We can’t stop threat actors from coming up with criminal uses for new technology; they will do that no matter what.
What we can do is work with the new technology, understand it, and learn how to protect ourselves from any misuse. We can also use technology like facial recognition to streamline access control, improve our security posture, and make our sites safer.
Learn more about how leading edge technology can improve your security posture. Schedule your personalized demo today.