This article in Forbes describes in glowing terms how facial recognition will protect our schools and make our lives more convenient, but hardly discusses the very real dark side at all. Every biometric discussion should be required to address failure modes for the biometric under discussion and the application it is applied to with a particular focus on the impact of known recognition error rates and biases.
The first four paragraphs make only a vague reference to the fact that facial recognition today isn’t very good:
“For all the buzz that biometric facial recognition authentication technologies have generated, it is important to recognize that the technology is still in its relative infancy. This is important because the power and potential of its use are poised to provide incredible levels of safety and service across a broad range of verticals.
More than ever, that increased level of digital and physical security is greatly needed. So now is the time for a realistic discussion of how to harness the potential for biometric facial recognition authentication to ensure its continued development includes safeguards and seizes opportunities.
Biometric facial recognition authentication is now a regular household technology. Replacing the finger-scan security feature on previous models, the facial recognition capability of the iPhone X has millions of users experiencing the technology for the first time. The user’s face is confirmed by 30,000 separate infrared dots and works in concert with a robust series of fail-safes to prevent false authentication, including a traditional password. But the iPhone version of the technology represents just an inkling of its scope and possibilities.
It is important to note, though, that biometric facial recognition exists for a reason. And that reason is its ability to remove identification from something you know (like a password) or something you possess (like a laptop or security badge) and augment it with who you actually are. When used as a second factor of authentication, biometrics represent a dramatic security improvement.”
The article begins with a discussion of facial recognition as a replacement for passwords, which is a use case that Mercator fully endorses. We do not, however, endorse any biometric solution that depends entirely on just one biometric – multi-factor and multiple biometrics combined with other physiological and environmental markers should all be considered part of the method for establishing the degree of likelihood that you are who you claim to be.
And now the one paragraph that barely hints that maybe there’s a downside to this before jumping into all the benefits to be reaped and I imagine the author intends to reap some of those benefits:
“And as some of the conversation about the technology understandably focuses on privacy and other issues, there are a host of other potentials for it that have yet to be reaped. Consider the potential of facial recognition merely as a customer service tool, removed from the more hot-button concerns that can sometimes derail a discussion on a technology’s possibilities. It’s a measured place to begin the discussion because views and opinions of privacy shift dramatically between industries.”
Thank goodness the Europeans have a mandated privacy position in GDPR. In the US we continue to quibble about what level of privacy the constitution offers. So now that our concerns have been duly noted on to the benefit reaping, which includes being refused entrance to a hotel room, turned down for healthcare and accosted by police at your child’s school, especially if you’re not Caucasian:
“According to Oracle’s Hotel 2025 report, there is growing enthusiasm for facial recognition systems that could be used to identify and even interact with guests, with 72% of hotel operators expecting to deploy such technology in the next four years.
With lower expectations of privacy in a situation where a reservation has been made, or a loyalty program has been joined, biometric facial recognition offers the potential for new levels of concierge service across a wide range of companies.
For health care providers — particularly in the areas of assisted living and for patients who suffer from Alzheimer’s, dementia or any type of cognitive impairment — facial recognition offers increased patient protection. If a patient wanders away from a facility with no identification, facial recognition can help quickly identify them and get them back to safety.
In education, school districts in Arkansas and New York are already looking to facial recognition technology combined with machine learning algorithms to identify people, objects and even behaviors that could present safety threats.
In the event of a tragedy like a school shooting, the technology’s power becomes more clear. It could identify a figure approaching a school and not only confirm if the person should be on the school campus but also use object detection to determine whether the person is holding a weapon or acting suspiciously. This could set off a series of security procedures and protocols that would help prevent the worst or minimize harm. A perpetrator’s image, location and information could be quickly communicated to first responders, who often must race blindly into chaotic, confusing and terrifying situations with little understanding of what has happened.
The technology could also identify the behavior of someone who is injured and immediately send that information to medical staff and EMTs to ensure a victim gets the fastest care possible. By allowing first responders to know exactly what is happening and who is involved — as well as the trajectory of events leading up to, during and after an incident — lives can be saved and arrests can be made with much greater speed and accuracy.”
Is anybody worried about being arrested with better speed and accuracy? This isn’t just a technology question, it’s also a question of how our police and justice systems operate and we should be concerned with an insanely low and currently impossible to attain .1% false positive rate if that authorizes police to go into a situation with guns drawn and expecting to be attacked.
And now a muddles discussion of technology that by omission appears to identify current technology up-to-snuff for security applications , but room for improvement when video is involved:
“For public safety and security applications, the possibilities are truly limitless. But there is a second technological piece of the puzzle that needs further development.
To truly harness the power of recognition, artificial intelligence and machine learning can be optimized with biometrics. Video is not like other types of data. It can be sped up or slowed down for review, but without AI, that process is still cumbersome and time-consuming. According to the National Center for Education Statistics, up to 94%of public high schools utilize cameras capturing live streams, making it unrealistic to parse the information captured manually in real time.
To achieve the greater complexities of advanced applications, video must be converted to bytes. AI can then efficiently parse through that data to identify patterns, building a search index of events. While biometrics are currently sophisticated enough to determine and identify activity, it will take further innovation in AI to close that remaining gap. That capability is still a year or two away, but it will be a game-changing tool across a wide breadth of industries.”
The confusion here is that most biometric solutions today, including most facial recognition solutions, already use machine learning. That said, video certainly increases the degree of difficulty in that environmental factors and cheap cameras already in place makes facial recognition pretty much impossible in real time.
At last a paragraph that hints at a privacy issue!
“How this will align with the post-GDPR era of privacy concerns remains to be seen. But what is certain is that the level of privacy compliance will be far more reliable in a technology that is professionally developed and deployed with accountability rather than what we have now: confusing footage shot on a thousand different camera phones and then broadcast, uploaded or shared after an event or incident has occurred, with no context, accountability or reliability — and, most importantly, no privacy considerations at all.
The question is not whether we will be captured on film over the course of our daily lives. There are already 62 million security cameras in the United States alone, and millions more in everyone’s’ pockets. But we need to figure out the best way to responsibly enhance what is already a reality with a technology that will create greater levels of safety and service.”
I truly hope GDPR slows down the widespread deployment of this technology until it’s accuracy rate is far better than it is today and until we can determine how we will protect everyone’s constitutional freedoms. The Chinese government isn’t waiting and is unconcerned about a few false public shamings, I hope we do better.
Overview by Tim Sloane, VP, Payments Innovation at Mercator Advisory Group