In 2017, the Electronic Frontier Foundation (EFF) filed a Freedom of Information Act (FOIA) lawsuit looking to force the FBI and the National Institute of Standards and Technology (NIST) to cough up info about Tatt-C (also known as the Tattoo Recognition Challenge): a tattoo recognition program that involves creating an “open tattoo database” to use in training software to automatically recognize tattoos.
For years, the EFF has been saying that developing algorithms that the FBI and law enforcement can use to identify similar tattoos from images – similar to how automated facial recognition systems work – raises significant First Amendment questions. The thinking goes like this: you can strip out names and other personally identifiable information (PII) from the tattoo images, but the images themselves often contain PII, such as when they depict loved ones’ faces, names, birthdates or anniversary dates, for example.
As part of the Tatt-C challenge, participating institutions received a CD-ROM full of images to test the third parties’ tattoo recognition software. That dataset has 15,000 images, and most were collected from prisoners, who have no say in whether their biometrics are collected and who were unaware of what those images would be used for.
Since 2017, when the EFF used a FOIA lawsuit to get at the names of the participating institutions, it’s been trying to find out whether the entities realize that there’s been no ethical review of the image collection procedure, which is generally required when conducting research with human subjects.
On Tuesday, the EFF presented a scorecard with those institutions’ responses.
The results: nearly all of the entities that responded confirmed that they’d deleted the data. However, 15 institutions didn’t bother to respond, or said “You can count us as a non-response to this inquiry”, to a letter sent by the EFF in January.
In that letter, the EFF requested that the entities destroy the dataset; conduct an internal review of all research generated using the Tatt-C dataset; and review their policies for training biometric recognition algorithms using images or other biometric data collected from individuals who neither consented to being photographed, nor to the images being used to train algorithms.
Nearly all the entities that responded confirmed that the data had been deleted. But at least one university was still conducting research with the dataset five years later: the University of Campinas (UNICAMP) School of Engineering Computer Engineering in Brazil. The university sent a letter saying that researchers are only required to seek ethics review for human data collected within Brazil. Thus, its researcher would keep working on the tattoo images through the end of year and then would delete them.
UNICAMP also refused to acknowledge that the images contained personal information, the EFF says. The group’s take on the matter:
Tattoos are also incredibly personal and often contain specific information and identifiers that could be used to track down a person even if their face and identity have been obscured. For example, even though the names of the inmates were removed from the Tatt-C metadata, the tattoos themselves sometimes contained personal information, such as life-like depictions of loved ones, names, and birth dates that all remain viewable to researchers.
UNICAMP also said that its researcher – Prof. Léo Pini Magalhãe – is adding to the dataset by grabbing images of tattoos from the web: a practice that the EFF noted has increasingly come under fire from Congress in light of the Clearview AI face recognition scandal.
Clearview has been sued for scraping 3 billion faceprints so it can sell its facial recognition technology to law enforcement and other clients; been told to knock it off by Facebook, Google and YouTube; and has lost its entire database of (mostly law enforcement agency) clients to hackers.
It’s not that the FBI and NIST didn’t at least try to strip PII from the images’ metadata. It’s that they failed to identify PII in the images themselves. In one example, by using image data such as the photo-realistic images of inmates’ relatives, their names, dates of birth and death, EFF says it was able to identify the individual within minutes with a Google search.
After the EFF raised concerns about the PII in the images, NIST retroactively stripped images containing PII from its dataset. It was too late to strip the PII from the dataset copies it had distributed to third parties, however.
As well, NIST’s and the FBI’s evaluation of the dataset also failed to consider that the individuals associated with the tattoos could be reidentified when their inked biometrics were combined with other datasets, such as those compiled from Flickr or other social media sites.
The EFF has found a number of cases where the recipients of the dataset have, in fact, identified individuals via their tattoos:
Documents produced in response to our FOIA suit include a presentation showing that researchers at the Fraunhofer Institute of Optronics, System Technologies and Image Exploitation had the ability to match tattoos from websites to a national criminal database. Researchers at Nanyang Technological University used the Flickr API to download thousands of images, which it then used in research that also involved the NIST dataset.
The EFF maintains that tattoos are unique: unlike other biometrics, such as faceprints or fingerprints, they’re an expression of identity. The choice to get a tattoo is a form of speech, it says, whether that means promoting their favorite sports team, celebrating the birth of a child, or a traditional tattoo tied to one’s heritage.
That makes this a free-speech issue, the group says:
It’s rare for a tattoo not to be an expression of the wearer’s culture and beliefs. In recognizing the First Amendment right to get a tattoo, and limitations on the government from preventing citizens from expressing this right, the Ninth Circuit Court of Appeals has said, ‘We have little difficulty recognizing that a tattoo is a form of pure expression entitled to full constitutional protection.’
In fact, NIST itself has justified the usefulness of tattoo recognition in identifying individuals, saying that the images “suggest affiliation to gangs, subcultures, religious or ritualistic beliefs, or political ideology.”
Latest Naked Security podcast
Click-and-drag on the soundwaves below to skip to any point in the podcast. You can also listen directly on Soundcloud.