Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsFacial Recognition Tech companies in the crosshairs
Facial recognition technology is revolutionary with real, tangible benefits, like making shopping, payments, and security easier than ever. Faceprints, fingerprints, and other biometric data is unique to every individual. Additionally, consider the system in place at many U.S. airports that is designed to eliminate the need for an ambiguous boarding pass at the gate. Facial comparison of the traveler’s face to that of his or her passport scanned at the time of check-in—or on file—provides an efficient and safe boarding experience.
However, there is real concern of data breach/misuse of these ever-growing, global databases of facial data. Organizations have also failed to seek consent for the collection of biometric data to create these databases before offering to users. DPAs and privacy regulators are taking aim and stepping up action against facial recognition tech companies’ violation of residents’ data and civil rights.
Clearview AI Inc privacy rights trouble
The Information Commissioner’s Office (ICO) has fined Clearview AI Inc £7,552,800 ($9.4M USD) for collecting UK residents’ images from the web, social media, and elsewhere to build a global online database that could be used for facial recognition. Clearview AI Inc is ordered to stop obtaining and using publicly available personal data of UK residents, and to delete the data from their systems.
In contrast, on May 9th, 2022, across the pond in the US, the ACLU reached a settlement with Clearview AI Inc to restrict the sale of its database of faceprints to private entities.
ID.me privacy rights troubles
Oregon U.S. Senator Ron Wyden sent a letter to the Federal Trade Commission (FTC) urging the agency to investigate evidence that ID.me. Experts have criticized facial recognition software’s accuracy to discern the identity of people of color. ID.me, a provider of identity verification services widely used by the US federal and state government agencies, made multiple misleading statements about its use of facial recognition. ID.me claimed its “one-to-one” facial recognition technology was superior to “one-to-many” facial recognition, in which a person’s photo is queried against a “digital lineup” of other people’s photos. On January 24, 2022, after the backlash against the IRS’ plans to require facial recognition through ID.me, the company’s Chief Executive Officer Blake Hall published a statement in which he emphasized once again that ID.me “does not use 1:many [one-to-many] facial recognition,” calling it “problematic” and “tied to surveillance applications.”
Just two days after this unqualified public denial, Mr. Hall reversed course, in a LinkedIn post in which he admitted that ID.me uses one-to-many facial recognition as part of its identity verification process. The secret use of a large facial recognition database both violated customer privacy and raised the possibility that individuals were wrongly denied government services.
Brazil new privacy and civil rights troubles
Throughout Sao Paulo, Brazil, Mastercard Inc. has begun to trial a biometric payment system for brick-and-mortar stores, using facial recognition rather than contactless cards, smartphones, or memorable PINs. The company said its Biometric Checkout Program would let a shopper scan their face using a retailer’s smartphone app and assign their likeness to a bank card stored on file. The technology is comparable to how Apple Inc.’s iPhone uses FaceID to approve payments or unlock a device.
Even with this government acceptance of biometric technology, In Brazil, there is a growing concern of the use of facial recognition technology. In April 2021, PontoiD won a $162,000 bid for a contract to supply facial recognition technology for the public school system. PontoiD began secretly rolling out the facial recognition system in two schools – João Pereira Vasconcelos and Celia Goulart de Freitas – without informing parents or students in advance, according to research by Rest Of World. Parents have expressed concern that there was no consent given to collect this information.
Brazil’s black communities are unfairly targeted because of disproportionate facial recognition biases. Data compiled by researchers at the Security Observatory Network found that 90.5% of those arrested in five Brazilian states using facial recognition were Black. A persistent and known issue with biometric technology is that a large part of the algorithm training database is dominated by white, male faces.
It is illegal under the nation’s General Law of Data Protection, the Consumer Defense Code, the Code of Users of Public Services and, perhaps crucially, the Child and Adolescent Statute, according reporting by Intervozes, a civil activist organization. Intervozes and several fellow civil and human rights outfits filed suit March 3rd after viewing a previous court-ordered release of system information.
Meta’s continued troubles
Meta, previously Facebook, last year reached a $650 million settlement in a long-running class-action suit alleging it violated the law when it introduced its “tag suggestions” feature. If you’re an Illinois Facebook user, you may have recently received a check in the mail from the company as part of it’s Class Action Lawsuit. According to the Class Action settlement administrator, checks between $200-$400 to more than 1.4 million people started getting mailed out May 9.
In the lawsuit, Facebook broke the Illinois Biometric Information Privacy Act (BIPA) by collecting and storing biometric data of users without their consent. Facebook users, without knowing it, might more commonly remember “Tag Suggestions” notifications feature.
Meta’s privacy woes don’t stop there. On Monday, May 23, 2022, the attorney general for Washington, D.C. filed a lawsuit directly against Meta CEO Mark Zuckerberg, accusing him of being personally responsible for the Cambridge Analytica data breach. In the 2010s, personal data belonging to millions of Facebook users was collected without consent by the British consulting firm Cambridge Analytica, and this data was used by a political consulting firm in an attempt to sway the 2016 election in Donald Trump’s favor. Governments and regulators across the globe, including the FTC, are also cracking down on the social media giant via antitrust suits and legislation.
At Clarip, we understand the risks associated with privacy and consent. We provide technology solutions to minimize the risks and to allow companies to comply with data privacy laws and with user requests. Improve trust with consent management and notify users of the use of personal data. We offer fully automated data subject request fulfillment, data mapping, website scanning, vendor management, consent management, and much more. Visit our site, www.clarip.com or call us at 1-888-252-5653 to learn more.
Email Now:
Mike Mango, VP of Sales
mmango@clarip.com
Other Articles on this Topic:
Consumers Prefer Biometric Authentication
The Dangers of Biometric Information
The Dangers of Biometric Information, Part 2
The IRS, ID.me, and Biometric Information
