Following the news that San Francisco has become the first city to ban the use of facial recognition in local agencies, such as law enforcement, please see a comment below from Matthew Aldridge, Senior Solution Architect at Webroot, who believes that while the technology can work well, the risk of biometric data being stolen is too great a risk for it to be deployed worldwide.
Breaking News: San Francisco became the first major U.S. city to ban the use of facial recognition technology by police and other municipal agencies https://t.co/4G5zypmh2w
— The New York Times (@nytimes) May 14, 2019
Matthew Aldridge, Senior Solution Architect at Webroot:
There are however legitimate applications from law enforcement and other similar agencies where face recognition technology could greatly reduce policing costs and increase the chances of successful prosecutions in certain cases. In these situations it should only be perpetrators of crime who have their biometrics stored in this way. There is a temptation in mass surveillance to build a profile on every unique person detected, track their movements and categorise them into behaviour groups. This type of approach is being taken for example in China, where the state is able to not only do this, but to map the profiles to the identities of the individual citizens concerned, raising questions about how and why this data is being used.
Current facial recognition technology can work well, but is far from perfect. Despite its shortcomings, it demonstrates its value by reducing the workload of investigators, effectively augmenting their role. Facial recognition for personal use – such as tagging photos and authenticating access to your smartphone – is a very different application and should not be confused with mass surveillance at city and state level. There is a real chance of that biometric data being leaked, stolen or hacked and it is the associated privacy and human rights risks of the technology that we must continue to address through ongoing legislation combined with improved technical controls.
Sam Bakken, Senior Product Marketing Manager at OneSpan:
It’s important to remember though that one-to-one use cases such as that facilitated by Apple Face ID and other technology whereby a user willingly enrolls in the system to allow them to unlock their phone or log-in to other accounts using their face makes it easy and convenient for consumers to add an additional layer of security to their mobile devices and accounts.
John Gunn, CMO at OneSpan:
Michael Magrath, Director, Global Regulations & Standards at OneSpan:
Banks, e-commerce and other entities using biometrics in their interactions with customers are covered by their End User License Agreement (EULA), so this particular legislation won’t impact them by and large, although there could be some BYOD implications, but is certainly interesting in terms of consumer sentiment and in particular, the emotions some groups have surrounding new technologies.
For perspective on the commercial uses of biometrics, remember that banks are losing more than $10B per year to fraud and biometrics are bringing that number down, which benefits all consumers.
David Warburton, Senior Threat Research Evangelist at F5 Networks:
“As a global technology hub, San Francisco’s decision to ban facial recognition may have come as a surprise to many. It is explicit recognition that the technology still has inherent weaknesses, as well as a wide range of privacy implications. A serious and enduring concern with biometrics relates to how data is stored and handled. Many government departments in today’s digital age simply do not have a great cybersecurity track record, and the sheer quantity of data biometric systems collect becomes a hugely attractive cybercriminal target. Interestingly, there are geographic differences when it comes to facial recognition. In China, for example, the technology is widespread and more commonly accepted for everything from identifying jaywalkers to monitoring children’s moods in classrooms. However, this is not the case in other parts of the world where trials are still determining the efficacy and privacy implications of this emerging technology.”