How Sense of Privacy Threatens Facial Recognition's Protective Power

The original concept of privacy, in one of its simplest expressions, was “the state or condition of being free from being observed or disturbed by other people.” If one didn’t want to be observed by others, one didn’t put themselves in public places or the electronic equivalent (i.e. social media). To insist on privacy at all times and in all places is generally appreciated as an untenable position and one that would ultimately prove advantageous to criminals in an unintended and ultimately detrimental way.

Recent concerns churning around the use of facial recognition may be another example of misplaced, anachronistic consternation borne of having pushed the concept of privacy to extremes. These anxious feelings toward facial recognition can, if unchecked, reach a point where they undermine common sense and our ability to leverage new technologies in the protection of the innocent and prosecution of the guilty.

Like any new technology, facial recognition can conceivably be advanced in a biased and abusive manner. However, those who want to put forth the specter of such scenarios should do so in a manner that provides actual evidence of these instances. For example, a recent published account reports to have discovered that the states of Utah, Vermont and Washington have allowed government agents to access images on their respective DMV databases. It doesn’t follow, however, that such access constituted an “an abuse” or that it was done in some untoward or biased way. Admittedly, it might prove valuable to ask in these situations if the legal or public safety justifications surrounding the use of facial recognition were, in fact, an encroachment on a limited, judiciously construed concept of privacy.

We, as citizens in a society, are obligated to do certain things in order to enjoy the fruits and benefits of citizenship, like having a valid ID in order to drive a car. There are those who would suggest that the mere accessing of our information [in this case, our image] is somehow an “exploitation.” Others would suggest that mere access doesn’t equate with the pejoratively ladened description of it as having been an exploitation.

After all, what is the definition of an “exploitation”? The action or fact of treating someone unfairly in order to benefit from their work or property. Once we give up our photo, one could argue that that constitutes tacit permission to use or leverage that visage in any manner that might benefit the common good (i.e. aid in an arrest of someone who might have violated the law). The issues surrounding such use are myriad and beg the question as to what regulations should be put in place in order to protect a citizen’s reasonably held expectation of privacy.

Clearly scanning an inanimate representation or image of a person is not the same as surveilling the actual person. Leveraging that image, after a person has placed themselves in a public forum where it could be argued one has waived any reasonable expectations of privacy, at least as far as those that might have extended to one’s visage, is hardly exploitation. To extend privacy protections into public forums— forums in which many criminal actions are advanced—is to limit the ability of law enforcement to effectively battle on behalf of those who are being prejudicially impacted by the criminal acts of others.

We would never think of claiming that law enforcement had exploited the privacy of an individual because they used their fingerprints on file to match those found in a crime scene. Why then would we question the matching of an image on file with that of another image taken at a crime scene, illegal border crossing or riot? Food for thought in challenging and complex times.

John McClurg served as Sr. Vice President, CISO and Ambassador-At-Large in BlackBerry's/Cylance’s Office of Security & Trust. McClurg previously was CSO at Dell; Vice President of Global Security at Honeywell International, Lucent Technologies/Bell Laboratories; and in the U.S. Intelligence Community, as a twice-decorated member of the Federal Bureau of Investigation.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.

ON DEMAND: Apple Mac computer use is growing in the corporate space. Having the solutions and the knowledge base to respond to events that include Mac computers is just as important as their Windows counterparts.