As new technologies develop, it's worth reminding ourselves that just because we can do something doesn't mean that we should. Often a new technology can bring plenty of new opportunities to do amazing things, but that doesn't mean that it cannot also be ripe for abuse. That's certainly the case with facial recognition technology, where some law enforcement agencies have rushed to build networks of databases of law-abiding people's faces (perhaps from driving licences or passport information), scouring them to find criminals, but failed to satisfy their legal and statutory requirements to inform the public about what they were doing. The huge number of CCTV cameras and the growing adoption of police body cameras, which could be combined with facial recognition technology and cellphone tracking, have the potential - argue some - to "redefine the nature of public spaces." In a nutshell, how would you feel if it was even easier for the authorities to track where you were, hour by hour, as you walk around a city? And that you, as a law-abiding citizen, handed that ability on a plate to your government simply by applying for a driving license. The problem is only made worse when studies reveal that facial recognition can often make mistakes, or show a tendency to be more error prone when dealing with subjects of different races and gender. You can change your passwords, but you can't (barring wearing a wooly balaclava or wide-brimmed sombrero - which might very attract undue attention by itself) hide your face. I was thinking about this issue today when I read reports that a man who has been on the run from the authorities for more than 24 years has been apprehended because of facial recognition technology.
In 1992, Robert Frederick Nelson escaped from a Minnesota federal prison, and adopted the bogus identity of Craig James Pautler. The Nevada branch of the Department of Motor Vehicles (DMV) says that 64-year-old Nelson was finally caught in June, having been on the run for 25 years. When Nelson attempted to get his state identification card in his real name renewed, a facial recognition system found that he had previously held a Nevada driver's license in the name of Pautler. As you can tell by his latest police mugshot, he doesn't seem to be too pleased to have been caught. No-one will probably be too upset (other than Mr Nelson) by the outcome of this case, but the fact remains that his apprehension is based upon the authorities applying facial recognition technology against a database of faces that were predominantly law-abiding. Indeed, at the time that the DMV collected "Craig James Paulter"'s face, they did not believe him to be a suspicious or criminal character. This is just one case, of course. But consider that the United States Department of Homeland Security is pushing forward with a plan to require all Americans leaving the country to have a facial recognition scan, expanding on existing biometric checks targeting foreigners. Six US airports - Atlanta, Boston, Chicago, Houston, New York, and Washington DC - are already running a pilot program of facial recognition scans, and more airports are expected to jump aboard in the future. Yes, this may bring us more security - but does the benefit outweigh what we lose in terms of privacy, as we shift ever onwards towards a surveillance state? If you have an opinion on how facial recognition technology should be controlled and the best practices for defending the data it collects, leave a comment below. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
