Privacy News Roundup: Face Recognition, Data Retention, and Patchy CCTV
Germany Squares Off Against Facebook on Privacy
Facebook should destroy the database of face images it’s collected from German users’ uploaded photos and refrain from creating digital files using biometric data unless registered users explicitly grant permission, German Data Protection Commissioner Jonannes Caspar has demanded.
On August 15, the Hamburg commissioner reopened an investigation into Facebook’s use of facial recognition software, which is used to prompt photo-tagging suggestions. Although he’d previously closed the inquiry, Caspar recently told the New York Times that despite ongoing negotiations, the social networking service is continuing to use the software to compile a huge database of registered users’ photos, which he maintains is illegal. Facebook, meanwhile, claims to be in compliance with EU privacy laws. Caspar planned to submit a formal request calling on Facebook to change its practices by the end of the month.
At issue is Facebook’s processing of users’ personal data without their consent. While Facebook has set up an opt-out system, Caspar argues that only an opt-in system would be sufficient. An opinion on the use of facial recognition software in online and mobile services issued earlier this year by the European Union Article 29 Working Party—an advisory body formed under the EU Data Protection Directive—determined that in Europe, simply establishing opt-out settings is not enough:
“Users should be explicitly provided with the opportunity to provide their consent for [facial recognition] either during registration or at a later date, depending on when the feature is introduced. In order to consider the consent valid, adequate information about the data processing must have been given.”
“Constant Surveillance” Back on the Agenda in Australia
Despite earlier reports that Australian Attorney General Nicola Roxon would table a proposal for mandatory two-year data retention—which would require Internet service providers and telecoms to log the private communications data of all Australians rather than just those suspected of wrongdoing—it seems the Australian government may charge ahead with the plan to implement this online surveillance framework after all.
During a speech delivered Sept. 4 at a conference on security in government, Roxon said, “There has been a lot of press coverage about one component of the reforms—and that is data retention. Many investigations require law enforcement to build a picture of criminal activity over a period of time. Without data retention, this capability will be lost.” Her comments defending data retention spurred a flurry of news clips reporting that this highly controversial aspect of the government’s National Security Inquiry proposal has resurfaced yet again.
UK Police Admit Surveillance Cameras Are Patchy and Sometimes Ineffective
Surveillance cameras, capable of recording 3,600 images of vehicle plate numbers per hour, are nevertheless marked by large gaps in coverage and are sometimes useless as a tool for apprehending people who break the law, UK police agencies have admitted.
Automatic Number-Plate Recognition (ANPR) cameras are positioned inside police cars and along main thoroughfares across the UK. They automatically record images, plate numbers, location, and time and date information for each and every vehicle passing through. In some cases, this information is stored for up to two years.
Yet comments made during a recent court hearing by representatives of the Association of Chief Police Officers, which operates the UK’s ANPR network, revealed that the cameras are patchy and can be easily fooled by low-tech measures such as modifying plate numbers. The comments were made as part of law enforcement's argument that they should not be required to disclose the locations of the ANPR cameras in response to a Freedom of Information request submitted by The Guardian.
The Guardian also quoted security official Neil Winterbourne, who runs the ANPR camera program for Scotland Yard's counter-terrorism command, as saying criminals could thwart ANPR cameras by driving a certain way. "A properly trained driver can adopt a particular driving style that will greatly reduce the chance of the vehicle being detected by ANPR,” he said, declining to elaborate any further.
The upshot? UK citizens are being made to sacrifice their privacy for the sake of security—but anyone engaging in illegal activity who is seriously intent on averting detection could find a way to slip out of the surveillance trap. Meanwhile, law-abiding motorists have no choice but to regularly yield private information about their whereabouts, plate numbers, travel patterns, automobiles, and other identifying data to law enforcement. With ubiquitous ANPR cameras, members of the general public are effectively stripped of their right to privacy, without any assurance that the cameras make them any safer.