Are your fingerprints, email and image worth a cute fake passport?

shutterstock_244051222

Given that I’m a sucker for online quizzes, I’m aware of the fact that when I’m angry, the villain I most resemble is Voldemort.

I also know that if an artist were to promise me a novelty passport that features my machine-drawn portrait, replete with my name and an official-looking red stamp just like a real passport, I, like many of us artsy and fun-loving types, would be pretty tempted to belly right on up and hand over every flake of biometric I could shed.

I haven’t had the chance, but the art piece isn’t hypothetical.

The installation piece, called “Sensible Data” and created by Swiss artist Martin Hertig, is designed to demonstrate how easily we give up personal data in exchange for fun.

It’s a multistep process:

As the video shows, first, you pick up an iPad and snap a selfie.

Next, a machine draws your portrait on cardstock.

You punch in your email address, after which an algorithm studies your photo to guess your age, gender, mood, and “beauty,” which is measured as a percentage (a percentage of just what, exactly, I don’t know).

Finally, you have to press and hold a “dubious” button for 3 seconds to get your “confirmation stamp.”

Security and privacy literati will already have realized that at this point, in exchange for a faux passport, you’ve given over:

Your likeness, to a facial recognition program – specifically, the three machines run modified versions of Piccolo CNC, an open-source drawing machine based on Arduino.

This isn’t facial recognition on the level of Facebook, which is getting so good at it that it’s facing a class action lawsuit claiming that the company has violated users’ privacy rights in acquiring what it describes as the largest privately held database of facial recognition data in the world.

Sensible Data isn’t all that sophisticated: it relies on a Python script to transform the photo into a line drawing that it sends to the drawing machine.

Not Facebook class-action lawsuit level, but still, you get the idea: you’ve just handed over your likeness, not knowing what will be done with it, to whoever dangled a toy passport in front of you.

In this case, the iPad selfie is automatically synchronized to the Raspberry Pi using Dropbox.

When receiving an email, the Pi sends the previously taken image to an online service called Rekognition, where a machine learning algorithm detects the beauty in percent, mood, age and gender of a person, storing the data in a database.

The installation then prints that data on the passport, letter by letter, using a laser-cut stamp-wheel.

You’ve also given over…

Your email address.

That’s then up for grabs and will potentially be sent, along with your photo and fingerprint, to a future visitor to the installation, based on what the artist calls “an absurd criteria” – the amount of lines in the portrait.

How exactly the art installation determines what to do with your information and what the number of lines in the portrait have to do with that decision is irrelevant to the overall message of the piece: namely, you’ve just handed over three sensitive pieces of data: your face, your email, and…

Your fingerprint, for purposes unknown.

Your fingerprint, of course, was captured when you held that dubious button – it’s a fingerprint scanner – down for 3 seconds.

You get a validation stamp at the end – congratulations! – after the fingerprint has been scanned.

After some seconds, an email with all the data of a “matching” person gets sent to the user.

The project is fun, but it really doesn’t tell us anything we don’t already know.

After all, we know that all you have to do to test people’s confidence in giving away private data is to grab a microphone, have somebody follow you around with a video camera, and ask people for their passwords.

Because TV! Because reporter!

Still, the lessons of the art piece are valid: every day, we face choices.

Do we click when we see the chance to get something for nothing?

Like, say, the offer of “exclusive passes” for “lucky” Super Bowl XLVII NFL fans that turned out to be a survey scam.

There were in fact no “free passes” forthcoming when that survey scam circulated in 2013.

Rather, scammers reaped the personal details of those who clicked and sold them off to the highest criminal bidder.

Click, no click?

Like with Hertig’s Sensible Data installation, we have a choice.

We don’t have to hand over our likenesses (which are increasingly ending in vast databases), our email addresses (which the social media giants are allowing brands to target-market us with), or our fingerprints.

If we don’t hand that information over, though, the internet turns into a version of the Soup Nazi on Seinfeld: No soup for you!

No toy passport for you! No Facebook fun, no YouTube, no Google Search for you!

It’s up to you: privacy, or soup?

Image of fake passport courtesy of Shutterstock.com