To Mme Viviane Reding, Vice-President in charge of Justice and Fundamental Rights, European Commission,

To Mr Peter Hustinx, European Data Protection Supervisor,

Padova, 13 April 2011

Dear Madame Commissioner, dear Mr Hustinx,

as an EU citizen, ITC professional and privacy advocate I wish to express my concern over the privacy issues raised by face recognition technologies applied to on-line image repositories, especially for pictures taken in public.

Face recognition is a term that describes many different operations applied to digital still pictures or video frames. It is used:

1. to automatically detect or isolate faces from the rest of the picture and –for videos– track a given face or person,
2. to automatically match or compare a given face with other images and select those where the same person is present,
3. to manually or automatically identify someone, linking together pictorial personal data (e.g. a face) with textual data (e.g. name) related to that person,
4. to automatically perform biometric identity verification for any new image containing an identifiable face.

Those technologies can be used in real time and are pretty accurate: face detection is available for instance in digital cameras and cellphones. Social networks already provide their users with tools for face detection and identification, where face-identity linkage happens either manually (tagging) ¹ or automatically (matching)². As far as I know, services for unrestricted automatic face matching are not yet available to the public due to privacy concerns, but have no technical limitations³. It is now absolutely feasible to apply face detection and matching to huge picture and video repositories (such as Fickr, Picasa and Youtube) and also achieve full identification linking pictorial data with the wealth of personal information available from social networks: this has already been demonstrated in an unreleased prototype software for smartphones called “Augmented ID” or “Recognizr”⁴ from the Swedish company The Astonishing Tribe. It's important to consider that the same technology can be used to enhance people's privacy, for instance to detect and blur faces and personal details.

The Web 2.0 architecture of the net allows massive linkage of dispersed personal data. This is good both for people and the economy as long as data are used in respect of individual privacy rights, but privacy violations may harm both citizens and the ICT industry. Face recognition makes possible massive, indiscriminate and unauthorized matching and identification of pictorial personal data, even from pictures taken in public places. Ostensibly, firms dealing with the large public, like Google⁵, refrain to distribute an already mature technology fearing it could backfire: if face recognition is perceived as a threat, it can harm their business. This is not a case of market self-regulation: other actors, less bound by public opinion, are still able to discretely build private identity databases, based on globally available pictorial and textual data, for a variety of purposes ranging from government or private⁶ security to intelligence or marketing⁷, not to mention illegal practices like identity theft or stalking⁸. Self-regulation applies asymmetrically only to the most visible segments of the ITC industry.

I believe that these technologies, despite their indisputable usefulness, are posing a threat to citizens privacy in the short term and can represent a menace to the Internet industry on a longer term, calling for a clarification of their consented use under current privacy norms, or further explicit regulation. A clear and well-balanced regulatory framework could preserve citizens from privacy intrusions, while also providing the Internet industry with a consistent and transparent privacy policy environment in which citizens confidence, technology research and business can thrive.

Thank you for your attention, I'll be more than glad to participate in a desirable public debate on this issue.

Kind regards, Alberto Cammozzo

Notes:

1 A Facebook blog entry announces “Tag suggestions”: http://www.facebook.com/blog.php?post=403838582130
The same for Google Picasa: http://picasa.google.com/support/bin/answer.py?hl=en&answer=93973

2 In the desktop version of Picasa automatic face-matching is enabled by default http://picasa.google.com/support/bin/answer.py?answer=106509

3 The state of the art is appreciable from this video http://www.youtube.com/watch?v=1GhNXHCQGsM

4 A survey of these two programs is in this article http://www.readwriteweb.com/archives/recognizr_facial_recognition_coming_to_android_phones.php

5 Comments on Google not distributing a program for privacy concerns: http://venturebeat.com/2011/04/01/googles-face-recognition-app-sounds-great-for-stalkers/; more on its hesitations after a TIME interview: http://techland.time.com/2011/03/31/googles-facial-recognition-app-take-my-photo-get-my-contact-info/

6 For an example of a surveillance system on the market: http://www.lodgesi.com/face_recognition_non.html

7 Anonymous face detection has been used in digital signage for years, and face matching is being demonstrated: http://www.mediasignsystems.com/face_recognition.htm , http://econsultancy.com/uk/blog/5232-intel-and-microsoft-bet-on-instore-facial-recognition-advertisements. See also http://aznow.biz/tech/facial-recognition-coming-to-a-store-near-you. Tentative use of face matching in social networks is documented for Coca Cola: http://www.facebook.com/note.php?note_id=221568638890, http://news.cnet.com/8301-17939_109-10409015-2.html.

8 A proof-of-concept of a possible creative use of one million faces “stolen” on Facebook has recently been presented at Transmediale festival in Berlin http://www.face-to-facebook.net/

Reply from Chief of cabinet of Commissioner Reding

Brussels, 15 June 2011

Dear Mr Cammozzo,

Thank you for your letter addressed to Vice-President Viviane Reding concerning face recognition technologies applied to online image repositories.

As you might know, in 2009 the European Commission embarked on an ambitious process of reform of the data protection legislation. A strategic Communication on the future of data protection was adopted in November 2010, and several consultations on data protection took place throughout 2009 - 2011 [1].

The objective of the reform is to update and modernise a well-tested legal framework and to encourage trust in both the internet as a medium and in emerging technologies. Users need to be in control of their personal data and not to resort to solutions involving compromise to "trade offs". If the roll out of face recognition technologies available to anyone online is not controlled, the privacy of individuals could be seriously jeopardized.

The massive deployment and use of Information and Communication Technologies (ICT) - particularly the internet -, has made a great impact as a vital medium of economic and societal activity: for doing business, working, playing, communicating and expressing views freely.

In particular, new business models have emerged, building entirely on people's personal data, including information generated by personal devices such as mobile phones and other mobile devices.

[1] For more details, please, consult following website: http://ec.europa.eu/justice/policies/privacy/review/index_en.htm