We already know that Facebook’s facial recognition technology – called “DeepFace” – rivals humans’ ability to recognize people, regardless of lighting changes and camera angles.
It doesn’t hurt that Facebook photos are higher-quality than the grainy images that cops can pull from CCTV footage and other sources.
As it turns out, Australia’s law enforcement agencies are more than happy to jump on all that imagery, which is both high-quality and pretty accurately linked to identities.
In late August, the country passed amendments to the Migration Amendment (Strengthening Biometrics Integrity) Bill 2015, and thus did the government give itself the power for several Australian agencies to collect biometric data on both Australian citizens and non-citizens at the border and within Australia.
In other words, Your Faces R Belong to Us, citizens!
Now, it appears that Australia’s planning to suck images straight out of Facebook, et al.
The Guardian reports that government officials have confirmed that a planned national counter-terrorism database – its full name is the National Facial Biometric Matching Capability, but it’s referred to simply as the Capability – could include photos pulled from social media sites.
In September, the Minister for Justice and Minister for Assisting the Prime Minister of Counter-Terrorism, Michael Keenan, announced that the federal government would spend AU$18.5m (about £8.65m) to develop the database, the aim of which is to aid counterterrorism efforts.
He explained at the time that the system will initially provide one-to-one matching to help establish the identity of unknown persons against photographs contained in government records:
This process will expedite putting a name to the face of terror suspects, murderers, and armed robbers, and will also help to detect fraud cases involving criminals that use multiple identities.
The Attorney General’s department also said that the database will replace klunky old methods of doing the same thing:
The capability is designed to replace existing manual, ad hoc facial image sharing arrangements between agencies, providing an efficient, secure, and accountable mechanism through which images can be shared and matched.
On Tuesday night, senior officials from the attorney general’s department said during hearings to go over the government’s budget that photos could be siphoned out of social media sites and used in the new system.
While it’s technologically feasible to ingest images coming out of social media platforms, that doesn’t mean that it’s necessarily legal to do so, said Andrew Rice, the assistant secretary of the Attorney General’s department and of the Cyber and Identity Security Policy.
The Guardian quotes Rice:
It's possible that still images out of these kinds of environments could be put into the system. That would be a choice for the users of the system [such as police departments].
Making those choices will be on the basis of their existing legal permissions.
The government has tried to quell concerns about privacy by insisting that the Capability won’t be a centralized database.
Other security concerns:
- Digits such as passports, credit cards, PINs or taxpayer IDs can be replaced fairly easily. You can’t say that about your face data points. What happens if the biometric database gets breached?
- The government is promising “strong privacy safeguards” but not giving any details besides noting that the records will be decentralized.
- Error rates of facial recognition are a concern. As of 2013, the Federal Bureau of Investigations (FBI) was saying that a 20% error rate was acceptable when it came to using facial recognition and state department of motor vehicle photos in the US.
The attorney general, George Brandis, said on Tuesday that the government’s new powers don’t need to go through parliament to be enacted.
Well, at any rate, not that he knows of.
The Guardian quotes him:
I'm not aware that it requires legislation.