UKC

https://news.sky.com/story/police-use-of-facial-recognition-is-legal-high-c...

I was reading this story and it started to make me think about the technology and if it could be countered in any way.   

I'm wondering at what point does it become uncertain who the face belongs to if you were to use makeup prosthetics and such things to hide your identity.  

Would you likely be able to tell it was for example Tom Cruise under those mission impossible masks ?  if it was deployed in those sorts of circumstances. 

I know there is gait analysis and other such indicators but in practical crowded gatherings would it be viable to hide your identity ?

I'm just interested as to what people reckon.

TWS

Watch Four Lions for a novel approach...

Steve

Never seen it but assume your talking about giant mascot type suits ?

Surely you would need everyone to be wearing the same one ? otherwise its just like saying follow the honey monster ?

Then you've been seriously missing out! One of the funniest films in recent decades.

I've been seriously missing out in many aspects of life John.

No surprises there.

AFAIK they work by measuring dimensions on your face.  So what you need is a Tefal man mask

youtube.com/watch?v=bsNwtBv3PI0&

Try these https://images.app.goo.gl/vPJ7N3jCxYeKXYNVA

The Hong Kong solution: lasers

https://twitter.com/alessabocchi/status/1156513770254012416?s=20

Although they're not averse to more direct and less expensive measures...

https://twitter.com/Jordan_Sather_/status/1165327628825284610?s=20

Rubber dingy rapids bro'

The other week I read that the technology was trialled and out of 42 "recognitions" only 8 were correct.

There's a website out there somewhere with examples of tee shirts that are patterned in a way that confuses the software. Also some hairstyles as well but they looked so weird I don't think anyone would need that sort of technology to recognise you.

Truly Excellent .  

Excellent news thanks for that.  

hijack

Did anyone ever conclude whether a wookie is a bear or not?

end hijack

No, but you could use the hairstyle / t-shirt / costume on one-off occasions which you wouldn't want to appear on your permanent record - e.g. for doing a bank robbery, or for attending the Tory party conference.

There is a lot of hysteria over this. 

The software recognises a face from the database and flags up to a CCTV operator that a known person is in view. The operator then double checks the image held on file. If it matches, the operator will monitor the activity, some systems will have automatic cameras that can then be locked on to the person and follow them automatically.

It’s useful when known shoplifters enter shopping malls and is no different than having an operator scanning everyone who comes in and then following them manually. It just makes it quicker and easier.

Due to GDPR regulations if you are recorded on a computer hard disk, they cannot keep the recording for longer than is reasonable.

No one is building up a massive database of the general public.

There's no point in being 'hysterical' but this is just complacent. How do you know that no-one is building up a massive database of the public? And how can you be sure that organisations with such databases are complying with GDPR regulations? It's early days yet but Elizabeth Denham thinks there is a potential problem and it needs to be addressed sooner rather than later.

https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2019/07/blo...

You are aware, I presume, that GDPR is an EU initiative that won't cover the UK in the same way if we Brexit. It is likely that data transfer between UK and EU member states will remain relatively unchanged for some time but between the UK and the rest of the world will become much more easily open to change. This could become a notable point of concern when the UK would inevitably need to negotiate a trade deal with the US as it is particularly unpopular with some influential US corporations.

https://www.wired.com/story/best-algorithms-struggle-recognize-black-faces-...

4 Lions is really good...albeit it's a lightheated look at a very dark subject, so the implicit black humour can be a bit grating for some.

So is that suggesting we all black up ? I'm not sure that's a wise thing to do. 

It will cover us exactly as it covers the US and anyone else who trades with the EU. 

Not only do we have to first leave Europe but we then have to change our own UK laws that were changed to incorporate the EU legislation made even before the EU legislation came into force. 

She is talking about the case in the OP. She is right. And I agree, there needs to be rigorous enforcement of the laws. That’s not being complacent but covering up your face because you think you’re about to be wrongfully arrested as being a wanted criminal or you think the police are building a database of your movements so that they can profile you for monitoring in the future police state, is tin foil hat territory. 

Seems to me like a database already exists and presumably is being maintained.

I wonder what else such a database could be used for other than identifying shop lifters.

GDPR has no relevance to the US except when handling EU data, which means that it works in the interests of EU citizens but doesn't offer any protection to others unless their data is being handled within an EU context. But after Brexit it will no longer be required for the UK to comply with GDPR in any dealings the UK has with any non-EU country, such as my earlier US example.

Another fine example of 'taking back control' so as at best to remain unchanged and at worst to harm the interests of UK citizens. 

Edited for typo.

It does because GDPR is incorporated within UK law, it’s not an EU law that we have to comply with. It’s our own law. 

Of course there is. How do you think criminal records are held? In a filing cabinet at Scotland Yard?

All sorts. I think it’s being used to identify football hooligans as well. However their details will be held alongside their image. There’s no law that you cannot be photographed in a public place. The law is only concerned with processing the data held, what is done with the data and the length of time it is stored for.

Otherwise BBC news and other agencies would pretty much have to stop reporting the news. 

The OP was merely raising a hypothetical question - nothing tin-foil hat about that. 

Anybody holding/processing data about EU citizens has to comply with GDPR.  Given that public CCTV has no way of knowing when an EU citizen is going to appear in its view it will have to comply with GDPR.

So who is on that database, shoplifters obviously but who else? Who decides who goes on that database?

You may recall that a few years ago there was a big fuss when it was found that people's DNA records weren't being destroyed after they had been eliminated from an enquiry....

...but anyway, nothing to hide, nothing to fear. Unless you're an Urghur living in China or a protester in Hong Kong or the relationship between the state and the individual changes in this country.

It's our law, yes. It was required by agreement EU-wide. After Brexit it will no longer be required for non-EU data so may be amended or repealed to ease US deal negotiations.

It isn't a hard concept.

No. We put it in place BEFORE it became EU law. 

It isn’t a hard concept. 

Have those DNA records been destroyed now? Why?

Really, the whole country is practically covered by CCTV. Anyone could have your photo on their PC. Anyone is allowed to keep your photo on their PC (unless they are an organisation who doesn’t have good cause), there is nothing you can do to stop them.

Do you realise that supermarkets can track what you are eating?

I suggest you make your tin foil hat a little bit larger so that it covers your face. Then you will be safe.  

Well you're going to have to provide a source for that because it isn't my understanding and there's no mention of such on wiki.

Of course there were some data protection laws in place in EU member states beforehand but they were very different from what GDPR requires.

In theory I don't like the idea.   In reality I've tried the automatic passport gates a number of times, never got through first time, and several times had to go to a human for checking.  So I don't think it works well enough to panic about it this week. 

Not exactly, no. From wiki: "a non-EU establishment shall be subject to the GDPR if it regularly undertakes one of the following activities: (a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to data subjects in the EU; and/or (b) the monitoring of the behaviour of data subjects in the EU, as far as their behaviour takes place within the EU"

So if your company is outside of the EU and you're not offering any services to people who are able to take up those services from within the EU, then GDPR is not applicable.

How do you feel about what's going on in China regarding facial recognition?

They all look the same to me.*

* Note. Joke!

So can't you just wear a Tshirt with a face from the database on it?  Emblazoned with the letters "It Was Him - He wot Did it!"

I'm not panicking about this just interested. 

I suspect that's because the chip in your passport is broken, my wife has the same problem.

As far as I'm aware the passport thing and the security at Gatwick and Heathrow do iris recognition rather than facial recognition, i.e. the cameras are examining just your eyes. Your irises are as unique as your finger prints and you don't need a very high resolution image (100 X 100 pixels) to get a good enough picture to make a unique identification.

Here's a vid of what they're doing in China, they're more advanced in this stuff than we are in the West:  youtube.com/watch?v=uReVvICTrCM&

It's the deep learning stuff that concerns me.

Just get a criminal record then you don't have to worry about these things.
They've got my picture, fingerprints and DNA, who cares? I don't.

Not quite, they just take a photo of your face and an officer behind the gates compares that photo to the one on your passport (which is part of what is on the chip). There is no computerised facial recognition going on at all.

If they wanted to do iris scanning then when you applied for a passport you would have to get your iris scanned.

It’s not just a EU thing then is it? There’s no reason to believe that the UK or any other country would tear up laws. Data protection has been on the agenda for years. GDPR may be far reaching but the US have something similar but it’s fragmented due to the way they have federal and state laws.

Sweden were the first to implement data protection but the public drive this, not governments. 

https://www.siliconrepublic.com/enterprise/gdpr-history-data-protection-ire...

Funnily enough the landlord of my local is from Hong Kong and we had a long chat last night about the riots. China’s abuses are due to their culture. The UK would have to go a long way to get anywhere near that. 

The current Hong Kong issue is a hangover back to the UK handing power back to China.

That’s probably covered under slander laws. 

GDPR is absolutely an EU thing. If companies are not storing personal data that has been collected within an EU context then it simply doesn't apply. If you want to broaden your point beyond GDPR to all data protection rules in all countries then your posts make a lot more sense.

I have a similar problem, in that the scanners don't like me. My passport is new, so it's not that the pic is out of date.

With facial recognition at the airport, you are in a perfect environment. You stand straight. Look into the camera for the correct period of time. The system knows who it is trying to match against, as you've presented your passport. And then it still doesn't work first time.

Whilst it might not be enough to panic about, it may still be enough to get you followed, stopped or arrested if you look like a known wrong' un under certain lighting conditions.

There are also reports that it doesn't work so well with certain skin tones.

The members of Congress who were falsely matched with the mugshot database we used in the test include Republicans and Democrats, men and women, and legislators of all ages, from all across the country.

The false matches were disproportionately of people of color, including six members of the Congressional Black Caucus

https://www.aclu.org/blog/privacy-technology/surveillance-technologies/amaz...

*NB link may have some stupid popup, but it went away the second time I tried it.

I can help feeling you’re being a bit pedantic there. 

If it makes it easier for you, then go ahead. I'll not lose sleep over it.

Really glad this case was thrown out. From the news article the case was brought because -

"In a three-day hearing in May, Mr Bridges' lawyers had argued that South Wales Police violated his human right to privacy by capturing and processing an image taken of him in public."

The bloke was in public and there isn't a right to privacy in a public place. 

For example, you can take a photo of anyone in a public place. The person can request that you do not photograph them or ask you to delete the photos (and IMO it would be courtesy to do so) but there is no legal obligation to do so. Taking multiple photos, 'pushing' the camera in their faces or chasing them to continue to photograph them could be harassment, but that is different.

Therefore I don't see what this bloke is complaining about.

Personally I don't care if there are images of me recorded in the street.

Dave 

Yes, and no.

Your image is considered personal data. Taking and storing a photo isn’t the issue. It’s what happens to the photo/data and what it’s used for that is important. 

An image on its own isn’t a problem, an image with you name and address on a “Suspected of looking a bit dodgy” database is a problem. 

The reason it was thrown out was because existing laws cover the storage and processing. If the existing laws do change, then he has the possibility of going back to court with a new case. However, I don’t see any reason for existing laws to be changed as they’ve been campaigned for by people, not just dreamed up and imposed by bureaucrats in the EU. 

Yeah, but I never wore anything like that, honest!

Worse, you'd probably have your own features added to the db as an associate of your chest adornment

What they do is take your photo at different places in the airport. Presumably in order to ensure that one person doesn't hand their passport over to another at son point between security and the departure gate.

One interesting part of the case as I understand it, was the argument that recording the applicants facial details as a mathematical model meant that this became biometric data, like fingerprints and DNA - and as such should be governed by the far more restrictive legislation around obtaining those from members of the public.

I didn't think the case had much chance of success.  To be flippant it's not like the system was just turned on without any thought, there's been a huge amount of internal wrangling and discussion around the legal framework to use FR (and other forms of surveillance) within policing over several years.

Thanks. That’s interesting. 

In reply to a lot of the people here:

You're also under the mistaken impression that such facial recognition cameras operate only on visible light (e.g. your face in infrared will be clear as day beneath an opaque veil) - both sources of data can likely be utilized quite well together. I wouldn't expect all of these techniques to be public knowledge either.
It's also pretty much within the realm of practicality right now that these camera networks can track each and every protester as they return home and use that knowledge to deduce identity (combined with other 'metadata' such as cellphone pings, compromised cellphones, purchasing history of camera tracked individuals). Note the recent police deal in (was it the US? I forget) with one of the home doorbell camera operators, so now the camera network extends the last mile as well (without them even having to pay for it!).

There really is no easy way to escape, and 'going dark' just means they can use that to deduce who you are by process of elimination anyway (i.e. you've probably made it easier and yourself a target worthy of scrutiny). Hide in plain sight.
In my opinion the most revolutionary thing you can do (without overtly entering politics) is grow your own food - a man who does not fear for the livelihood of himself and his family if he speaks out, can think and speak for himself.

Probably worth considering that if "we" really were interested in you, you'd be being followed by a full surveillance team anyway.

If you imagine that we could retrospectively trace your historic movements as you wandered around patchy, partial and poor static CCTV cameras using the magic of facial recognition, then I think you have far too much faith in the technology of FR and the CCTV network that would be required.