Book Review: Your Face Belongs to Us by Kashmir Hill

Author Logo“Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life.” You might be surprised to find out that this quote is more than 130 years old, from a law review article co-authored by Louis Brandeis, and inspired by the invention of Kodak film. It appears in a new book “Your Face Belongs to Us,” by Kashmir Hill, a tech reporter for the NY Times. She chronicles the journey of digital facial recognition software, focusing on Clearview AI Inc. from scrappy startup to a powerful player in the field, and exposes their many missteps, failures, and successful inroads into becoming a potent law enforcement tool.

Clearview wasn’t the only tech firm to develop facial recognition software: Google, Facebook, Microsoft, IBM, Apple and Amazon all had various projects that they either developed internally or purchased (Google with Pittsburgh Pattern Recognition and Apple with Polar Rose for example). In either case, these projects were eventually stopped because they were afraid to deploy them, as Hill writes. Facebook, for example, had face recognition projects as early as 2010 “but could afford to bide its time until some other company broke through.” But Facebook didn’t delete the code but merely turned it off, leaving the door open for some future time when perhaps the technology would be more accepted.

She documents one of the biggest challenges: being able to identify people in various candid poses, with dim lighting, with poor resolution street surveillance cameras, and looking away from the ever-seeing lens. Another challenge is legal, with lawsuits coming at Clearview from literally all corners of the globe. Leading the charge is ACLU lawyer James Ferg-Cadima and the state of Illinois, which was an early adopter of biometric privacy.

Clearview has also brought many activists to protest and lobby for restrictions. One shared his opinion that “face recognition should be thought about in the same way we do about nuclear or biological weapons.” Clearview soon “became a punching bag for global privacy regulators,” she writes, and describes several efforts in Europe during the early 2020’s that resulted in various fines and restrictions placed on the company.

Police departments were early adopters of Clearview, thanks to today’s smartphone users that post everything about their lives. That has led to one series of legal challenges which was self-inflicted. Hill documents many cases where the wrong person was identified and then arrested, such as Robert Williams. “It wasn’t a simple matter of an algorithm making a mistake,” she writes. “It was a series of human beings making bad decisions, aided by fallible technology.” She wrote that one for a NY Times article entitled, “Wrongly Accused by an Algorithm.” In many of these wrongful arrest cases, the accused were black men, which could be tracked back to inadequate training data of non-white images. (Facebook had this problem for many years with its image recognition algorithm.)

Some of Clearview’s story is inextricably bound to Hill’s own investigations, where early on she tipped off the company about her interests and was initially blocked from learning more about their technology. Eventually, she would interview Clearview’s CEO Hoan Ton-That numerous times to connect the dots. “It was astonishing that Ton-That had gone from building banal Facebook apps to creating world-changing software,” she sums up his career.

The company was determined to “scrape” the web for personal photos, and today various sources claim they have accumulated more than 30 billion images. All of these images, as she points out, were collected without anyone’s explicit permission. This collection would become infamous and exemplify a world “in which people are prejudged based on choices they’ve made in the past, not their behavior in the present,” she wrote. You could say that on the internet, everyone knows you once were a dog.

She finds that Clearview created a “red list” which would remove certain VIPs from being tracked by its software by government edict. “Being unseen is a privilege.” Unfortunately, it is getting harder and harder to be unseen, because even if you petition Clearview to remote your images from their searches and from public web sources, they still have a copy buried deep within their database. Her book is an essential document about how this technology has evolved, and what we as citizens have to do to protect ourselves.

SiliconANGLE: After 10 years of crypto scammers, there is still a rocky road ahead

Running a criminal cryptocurrency enterprise has certainly gotten more complicated.

It was 10 years ago this week when Ross Ulbricht walked into a branch of the San Francisco public library to spend another day running the Silk Road, his marketplace for buying and selling illegal and questionable goods. He walked out in handcuffs after an elaborate sting operation carried out by the FBI. This week, the scene shifts to a downtown New York City courtroom, where former FTX Trading Ltd. founder and former Chief Executive Sam Bankman-Fried faces 12 counts that he attempted to defraud investors for his various alleged crypto-related schemes.

Although the two events deal with vastly different parts of the criminal justice system, they are notable bookends in the past decade for the rise and fall of cryptocurrencies, along with associated technologies regarding blockchains, smart contracts and other elements of this universe.

You can read my analysis of this historic moment in SiliconANGLE here.

Using Fortnite for actual warfare

What do B-52s and a Chinese soccer stadium have in common? Both are using Epic Games’ Unreal Engine to create digital twins to help with their designs. Now, you might think having a software gaming engine would be a stretch to retrofit the real engines on a 60-plus year old bomber, but that is exactly what Boeing is doing. The 3D visualization environment makes it easier to design and provide faster feedback to meet the next generation of military pilots.

This being the military, the notion of “faster” is a matter of degree. The goal is for Boeing to replace the eight Pratt and Whitney engines on each of 60-some planes, as well as update cockpit controls, displays and other avionics. And the target date? Sometime in 2037. So check back with me then.

Speaking of schedules, let’s look at what is happening with that Xi’an stadium. I wrote about the soccer stadium back in July 2022 and how the architects were able to create a digital twin of the stadium to visualize seating sight lines and how various building elements would be constructed. It is still under construction, but you can see a fantastic building taking shape in this video. However slowly the thing is being built, it will probably be finished before 2037, or even before 2027.

Usually, when we talk about building digital twins, we mean taking a company’s data and making it accessible to all sorts of analytical tools. Think of companies like Snowflake, for example, and what they do. But the gaming engines offer another way to duplicate all the various systems digitally, and then test different configurations by literally putting a real bomber pilot in a virtual cockpit to see if the controls are in the right place, or the new fancy hardware and software systems can provide the right information to a pilot. If you look at the cockpit of another Boeing plane — the iconic 747, now mostly retired, you see a lot of analog gauges and physical levers and switches.

Now look at the 777 cockpit — see the difference? Everything is on a screen.

product image

It is ironic in a way: we are using video gaming software to reproduce the real world by placing more screens in front of the people that are depicted in the games. A true Ender’s Game scenario, if you will.

SiliconANGLE: This week’s news

I have known John Kindervag for many years, going back to the days when Novell Netware was a major power and Interop a must-see international conference. Yes, those dinosaurs have become extinct, but John soldier’s on with promoting zero trust networking far and wide. Now he is with Illumio, which seems like a great fit. I interview him for a post here.

Have you heard the term purple teams in reference to IT security? There is yet another new vendor on the purple scene, and the purple trend is catching on, albeit slowly. The notion is to have both defenders and attackers collaborate, and learn something from each other. Here is my take on the situation.

Finally, there has been yet another NFT hack, this time with one of the OG NFT marketplaces OpenSea. It is not their first time when funds were stolen. You would hope by now they would have gotten their act together. Here is my post about the situation.

SiliconANGLE: Security threats of AI large language models are mounting, spurring efforts to fix them

A new report on the security of artificial intelligence large language models, including OpenAI LP’s ChatGPT, shows a series of poor application development decisions that carry weaknesses in protecting enterprise data privacy and security. The report is just one of many examples of mounting evidence of security problems with LLMs that have appeared recently, demonstrating the difficulty in mitigating these threats. I take a deeper dive into a few different sources and suggest ways to mitigate the threats of these tools in my post for SiliconANGLE here.


SiliconANGLE: This week’s news

Several news developments that I reported on for SiliconANGLE this week:

Book review: The Traitor by Ava Glass

The Traitor: A NovelAccidental superspy Emma is back in this second volume, which can be read independently of the author’s first book chronicling her adventures eluding her Russian counterparts. This time she is put on a Russian’s oligarch’s yacht to try to figure out the cause of one of her fellow secret agent’s death in London. Emma is a delightful character and this book adds to her allure as someone who can kick ass when she needs to but still figure out the subtle tells of the spies around her. The yacht is sailing between Monaco and Barcelona and is the site of numerous near-mishaps and espionage moments that are just a joy to read. The supporting cast from the first book is back making the plot points even more compelling. Highly recommended.

Going to a protest? Here is your digital privacy survival kit

If you are thinking of attending a protest, take a few moments to review the EFF’s recommended strategies for protecting your digital assets and privacy in this blog post. It is  both an interesting document and a sad testimonial to the state of our present day that the document had to be written at all.

Here is the issue: police are increasingly counting on protesters’ cell phones to be used as evidence, so information on them — your contacts, your photos, your text messages — can be used against you. And not just during protests, either: border crossings can be problematic too. So as the scouts say, be prepared.

The suggestions span the gamut from things to do before you attend a protest, what to do during the protest, and what to do if you are arrested and if your phone and other digital devices are seized. EFF recommends leaving your regular phone at home and buying a burner that just has the Signal messaging app on it; Signal provides end-to-end message encryption, something that I spent some time thinking about. I put together a series of recommendations for business IT managers about how to enable and use this feature across other messaging services for SiliconANGLE earlier this summer.

One of the aspects of Signal is that you can use it to scrub the metadata from your photos. This is important if you intend to post any of the pictures online. You can also take screenshots of your photos if you don’t care about image quality.

There are other helpful suggestions too, such as taking pictures without unlocking your phone, and disabling the facial or fingerprint ID feature, in case a law enforcement officer forces you to unlock it. They explain: “Under current U.S. law using a memorized passcode generally provides a stronger legal footing to push back against a court order of compelled device unlocking/decryption.” They explain the difference between encrypting the data on the phone and encrypting an external SD memory card might require two different steps. And there are numerous suggestions on how to turn off location tracking, Bluetooth, and other radios. That may only be a temporary solution, however: once you turn these radios back on, your phone may send the stored data once you reconnect. The best solution is to turn your phone off entirely.

Finally, they sum everything up with this piece of advice: “It’s important to carry the bare minimum of data with you, and use the strongest level of encryption, when going into a risky situation like a protest.”

SiliconANGLE: California stays ahead on state privacy protection

California has become the latest state to enact a special law regulating how consumers can remove themselves from data brokers. The Delete Act was passed this week and it’s now up to Governor Gavin Newsom to sign it into law. But it has already led to similar laws and bills being proposed in other states in next year’s legislative sessions.

My summary of the past summer’s privacy laws enacted across the country, what makes California stand out, and the problem with data brokers all can be found in my latest piece for SiliconANGLE here.

SiliconANGLE: Deepfake cyberthreats keep rising. Here’s how to prevent them

As expected, this summer has seen a rise in various cybersecurity threats based on deepfake audio and video impersonations.

Despite warnings from the Federal Bureau of Investigation in June, it’s now quite common to experience these types of threats. The fakes are used to lend credibility to larger exploits, such as for a phishing email lure or a request from a superior. These can run the gamut of executive impersonation, performing various forms of financial fraud and obtaining stolen account credentials. My story for SiliconANGLE provides some perspective.