Friday, August 5, 2011

The Risks from the Right: Voter ID and ID Technology More Generally

“Notwithstanding Americans' resistance to a Real ID infrastructure, as consumers of social networks we have consented to a de facto Real ID that markets and information technology, rather than government and regulation, have created,”  - MSNBC.com, the Red Tape Chronicles
I like to look at the convergence of news events, making connections that other people miss.  We seem to have a certain degree of resistance in this country to a national ID.  I don't support a national ID either.  There is no persuasive evidence that we have a need for voter ID, or a problem with our elections and security.  But if we WERE to go to some form of confirmation of identity for voters, I would favor a record of a single fingerprint format used for ID recognition, like that used for access to some personal computers, rather than a photo ID.

This week, it includes the news that Rupert Murdoch owns a drone, an unmanned aircraft similar to military drones in Afghanistan and elsewhere, that his organization uses to fly over areas taking pictures of people and places. He has used it in the past to take unauthorized photos of private property in situations like flooding. Murdoch is facing trouble with authorities over his use of that equipment, because it violates current drone flight regulatins, but there is also concerns about invasions of privacy. It's not like Murdoch has a good track record in that department, with the expansion of cell phone hacking and now computer hacking on his plate.

Then we have the allegations that next door, the state of Wisconsin was requiring the presenatation of ID from voters in the recent primaries. While WI has passed a voter ID law, it does not go in effect until January 2012. Therefore, that was voter suppression, and illegal. It will be interesting, given all of the illegal and unethical activity in WI by the right, particularly that linked to those groups funded by the Koch brothers, if similar attempts by the right to suppress voters will continue next week in the majority of the primary elections.

So with the topic of IDs in mind, and privacy, and intrusion by Right wing forces and their money that would manipulate us for their gain, the possibilities outlined in this article were paricularly intriguing:
The Red Tape Chronicles,
Your Face and the Web Can Tell Everything About You
By Bob Sullivan

Imagine being able to sit down in a bar, snap a few photos of people and quickly learn who they are, who their friends are, where they live, what kind of music they like ... even predict their Social Security number.

Now, imagine you could visit one of those anonymous online dating sites and quickly identify nearly every person there, just from their photos, despite efforts to keep their online romance search a secret.

Such technology is so creepy that it was developed, and withheld, by Google — the one initiative that Google deemed too dangerous to release to the world, according to former CEO Eric Schmidt.

Too late, says Carnegie Mellon University researcher Alessandro Acquisti.

"That genie is already out of the bottle," he said Thursday, shortly before a presentation at the annual Las Vegas Black Hat hackers' convention that's sure to trouble online daters, bar hoppers and anyone who ever walks down the street.

Using off-the-shelf facial recognition software and simple Internet data mining techniques, Acquisti says he's proven that most people can now be identified simply through a photograph of their face — and anyone can do the sleuthing. In other words, our faces have become our identities, and there little hope of remaining anonymous in a world where billions of photographs are taken and posted online every month.

"If we were able to do it, anyone is able to do it," Acquisti said. “The goal here is not to generate fear, but we are very close to a point where the convergence of technologies will make it possible for online and offline data to blend seamlessly ... and for strangers on the street to predict certain information about you from your picture."

With some 2.5 billion photos per month posted to Facebook, odds are very good that you can be recognized, he said.

"For most of us, there is already a photo of us online. It is close to impossible to take this data back," he said.

Using the unnerving term "augmented reality,” Acquisiti conjures up disturbing scenarios that involve law enforcement officials, marketers and other strangers constantly marrying offline and online data. Observers could overlay detailed information like political affiliation on pictures of crowds at protests, for example, creating a scary new form of crowd control, he suggested. Meanwhile, facial images could succeed in creating a national ID where enhancements to driver’s licenses have repeatedly failed, said Acquisti in his report, titled “Privacy in the Age of Augmented Reality.”

“Notwithstanding Americans' resistance to a Real ID infrastructure, as consumers of social networks we have consented to a de facto Real ID that markets and information technology, rather than government and regulation, have created,” it said.

Anyone who's ever posted a photo on a supposedly anonymous dating site has encountered the very real fear that a friend or co-worker might recognize them from their profile picture. That risk can be roughly calculated, however, and assessed. Most users take comfort that their profile will be "lost in a crowd," with thousands of others in that age group and city making their risk of exposure low.

But Acquisti found that the convergence of facial recognition software with social networks like Facebook tilt those odds wildly in favor of the would-be exposer, or stalker.

Acquisti searched for dating site users within 50 miles of a zip code, found about 6,000, and then found 110,000 Facebook profiles where users said they lived near that same zip code. After eliminating some profiles that didn't match his criteria, he instructed computers to churn through about 500 million pairs of possibilities.

It would take a human about 2 million hours to compete such a task, but Carnegie Mellon's cloud computing cluster got results in about 15 hours. One in 10 members of the dating site were positively "outed" by the database search. A bit of fine-tuning — limiting the geographic area further or allowing approximate matches — produced even better results. And one sobering reminder: The researchers didn't even need to log in to Facebook to get these results.

In other words, you can't get lost in a crowd anymore.

“(The technologies) make possible a world of personally predictable information, linkable from someone's face, through end-users' devices connected to the Internet,” the report concludes. “While anyone posting facial images of themselves on the Internet must realize that they may be recognized by strangers or friends, the possibility might seem remote." Now, it’s not, the report argues.

Acquisti's team enjoyed even better results when they could obtain photographs themselves for matching purposes. Random students who agreed to be photographed on the Pittsburgh campus of Carnegie Mellon could be positively identified at three times the initial rate — or more than 30 percent.

'Freaky'

The researchers didn't stop there. Next, they linked the photos and names to student likes and dislikes gleaned from their profiles, with about 75 percent accuracy. Then, they combined this effort with work Acquisti had done in 2009 on predicting Social Security numbers, and found that they could predict the Social Security number for 28 percent of the subjects within four guesses. Finally, they built a mobile phone application that could achieve the same results while wandering around campus.

To refresh: Starting from a mere photo, they were able to determine name, friends, even SSNs.

"This is freaky," one student told the researchers. Said another, "(I'm) surprised and shocked with the accuracy."

One interesting side note — one in two participants believed, incorrectly, that their Facebook picture was invisible to strangers. (Facebook doesn't allow privacy limitations on profile images.) Only 10 percent made the rest of the profile information viewable to strangers, meaning they obviously care about privacy.
The researchers said the technologies will soon “democratize surveillance,” as sinking costs make peer-to-peer facial recognition cost effective and available to everyone.

Acquisti's tests aren't fool-proof — campus participants agree to full, frontal face photos, which are much easier for face recognition software to analyze. In real life, and even on Facebook, photos aren’t always so easy to use. But it's obvious what direction all this technology is headed in — making it harder and harder for people to find places to hide.

"We used to feel we were safe in a crowd," Acquisti said. "What concerns me most is what our brains tell us about being private in a large group like that. We think we can stay anonymous, but now, I don't think we can."
Companies like Facebook and Google have been flirting with facial recognition for a while, and have sometimes received a lot of negative publicity for doing so. On Tuesday, for example, the German government asked Facebook to disable its automated photo tagging feature that utilizes facial recognition software to determine who’s in photos that are posted to the site. (Click here for instructions on how to turn this off for your account.)

In July, Google acquired Pittsburgh facial recognition firm PittPatt, which makes the software Acquisti used in his research. In 2006, Google acquired image recognition company Neven Vision, and already includes the technology in its Google Goggles product, which lets mobile phone users upload pictures and ask Google for help identifying them. Earlier this year, Neven Vision founder and Google employee Hartmut Neven said the firm was working on incorporating facial recognition into the tool, but the company has issued several statements saying it has no plans to do so unless “strong privacy protections are in place.”

Of course, it’s easy to think up positive applications for such technologies – the ability to find dangerous criminals or terrorists in crowds, for example. Even online daters might trade privacy for the reassurance that prospective dates aren’t lying about their background.

But it’s just as easy to imagine more sinister uses. Here’s one: The marriage of face recognition to voter registration lists could have political activists wandering the streets on Election Day, picking out registered voters and escorting them to polling places.

There isn’t much consumers can do to ward off these potential privacy invasions, Acquisti said, given how many pictures are already online. Even efforts to blur faces, or avoid posting pictures altogether, probably wouldn’t work: “Nearly all of us have a picture online that’s connected to our name,” he said.

Despite Google’s apparent self-restraint, it’s also probably impossible to stop the technology from being developed, Acquisti warned. Instead, policy-makers should immediately start debating how facial recognition can be used.
“Do we want to think in terms of policies that can stop its abuse? How would we do that? It’s an incredibly difficult question to answer,” he said. “I’ve thought about this for several years and ... there is no obvious, clear solution.”
Ware facing widespread intrusions into our privacy, intrusions by right wing government policies, and intrusion by private entities seeking to use our information to further THEIR goals, not to benefit US.  In that context, we should ALL be pushing back, pushing back against right wing nut intrusion, pushing back against the likes of Rupert Murdoch and his drones and hacking, and pushing back against intrusive social media and intrusive technology.  In doing so I believe we should make more severe the penalties for such intrusion, and especially, push back against the institutionalization of right wing conspiracy theory driven policies - WHEREVER they encroach on us.  It should come as a surpris to NO ONE that those with deep pockets on the right both fund the right wing intrusive policies and politicians, and also directly benefit from and manipulate invasions into our privacy.

7 comments:

  1. Couple things here. This isn't a right left deal, the New York Times has been caught illegally intercepting phone calls also. They also printed part of the Afghanistan stuff from Wikileaks even though they knew it was obtained illegally. So don't act like Murdoch is the only one doing this stuff, he has about 153,000 employees worldwide and there is a very good chance he had no idea what the paper in England was doing.

    As far as the facial recognition stuff, here is what I found about the computer that could sift through all that in 15 hrs.
    "Greg Ganger, professor of electrical and computer engineering and director of Carnegie Mellon's Parallel Data Lab, said the new computing cluster, which has 159 servers and 1,165 processing cores, was made possible by Intel's generous donation of CPUs and money. The cluster has 2.4 trillion bytes, or terabytes, of memory and almost 900 terabytes of storage. A contribution by APC of power management and cooling systems also was crucial for building and operating the cluster."

    If Carnegie-Mellon had to rely on donations to build it then not very many people in the world are going to have access to that kind of processing power. However, processors have been making big leaps every 2-3 yrs so in 6-7 yrs expect your desktop to be able to do the facial recognition faster than the Carnegie-Mellon cloud.:)

    ReplyDelete
  2. When was it Tuck the NY Times was caught illegally intercepting phone calls? I don't recall it, and a google search did not turn up anything for me.

    Murdoch's organization, based on the arrests, clearly knew it was wrong - given the apparent bribery scandal of the police; and they appear to have done it on a wide scale. I put what the NYTimes did with wikileaks more on a par with releasing the pentagon papers on viet nam. Murdoch has been far more partisan and far more manipulative of politics, here and in the UK, especially in the UK, far more than anything one can claim of the Times. Las Vegas apparently uses facial recognition to an amazing degree; so if anyone has the personal assets to duplicat that corporate use - or the corporate assets - then what you cite about the carnegie mellon lab is still reasonably consistent with Murdoch's resources, and pretty much no one else's.

    ReplyDelete
  3. FYI (from your sidebar link) about the upcoming Wisconsin Recall Elections:

    ... investigations are also under way in Milwaukee to determine whether Wisconsin Right to Life and Wisconsin Jobs Now broke state election laws by illegally bribing voters. Wisconsin Right to Life gave out gift and gas cards to volunteers who successfully got voters to complete absentee ballot applications in the 8th district.

    Wisconsin Jobs Now came under fire for hosting several get-out-the-vote “block parties” where they gave out free food and prizes, as well as providing free rides to the polls.”


    OK ... think about ... match a photo ID to the "hungry person" and offer a ride to the polling place.

    Gosh, at least in the Iowa Straw Poll "voters" must have a ticket ... so campaigns will hire buses, give them a ticket and a meal ... sometimes the tickets are free (T-Paw) .... sometimes the individual must pay ... or in the middle (Ron Paul only asks $10 bucks for a ticket ... but if you give more, you get a signed book and give even more and you get a book signed by both Ron and Rand Paul. At least that is a "straw poll" which does not have any consequences ... the elections on Tuesday will.

    ReplyDelete
  4. Here is a link to the article. I did have a detail wrong (it was several months ago I read the article). The couple intercepted and recorded a phone call, gave it to a congressman, who gave it to the Times, who put it on the front page.

    http://www.nytimes.com/1997/04/24/us/florida-couple-are-charged-in-taping-of-gingrich-call.html?ref=alicehmartin

    Yes it was 14 yrs ago but still was the exact same thing the tabloid in England was doing (intercepting and printing private conversations) and was against the law then just as it is now. The main difference is the Times could claim they did not know it was illegally obtained. Now from what I have read about intercepting cell phone calls unless you have a warrant it is illegally obtained so I don't see how the Times got away with that excuse but they did.

    ReplyDelete
  5. Tuck, it is not even close to the same thing.

    That is nothing like the New York Times publishing a one time instance of a cell phone security breach a decade and a half ago, supplied to them third hand which they did not order and for which they did not pay, much less bribe anyone, and for which there was no intentional violation of law or privacy, nor was it done to get a systematic jump on their competition, tabloid style.

    Murdoch and his bunch did so for years, doing this to thousands upon thousands of people, in order to exploit the information. They further participated in what appears to be a covery up, and may continue to be a cover up, and they paid for legal expenses for the people who did it.

    So........tell me again? HOW was what the New York Times similar to Murdoch? The NYTimes has standards, and an excellent professional reputation. The Murdoch empire is pretty much slime and scum, appealing to the lowest propaganda denominator, with no standards for factual reporting or ethics. Lots of politics playing, lots of propaganda, lots of exploitation and manipulation, around the world, in both print and broadcast media.

    What similar empire does the NY Times belong to, exactly? What one individual directs it?

    ReplyDelete
  6. Tuck,

    I have to agree entirely with DG.

    The conduct of NY Times in this case was as a third party recipient of information which they had no idea the origin, didn't pay for the data, didn't encourage a bribe, didn't wilfully engage in illegal activity.

    The story you've referenced is an extreme strech trying to paint as similar conduct something which is totally dissimilar except in that a wiretap was used for data. There is a term in law called "Mens Rea", meaning guilty mind - in fraud law it means you are TRYING to cheat someone who loses money as opposed to someone who loses money on an investment you gave them which you entirely believed in. The former is a crime, the other unfortunate. Claiming the conduct of the one is equal to the other is a farce.

    The better, further question though is, why would you believe this kind of tripe? NY Times has a history of extraordinary ethical journalistic conduct. They've fired journalists who engaged in improper conduct, they've self reported when they violate law or ethics, including getting rid of Judith Miller when she was far more cozy with the Bush administration than she should have been.

    Even IF the NYT isn't pure, which some would argue, the fact is the conduct isn't close to the same here. Murdoch's news editors ENCOURAGE bias, encourage misconduct, misreport, editorialize, almost without relent. Other news groups fight against bias, try to offer opposing views, prohibit their reporters from offering opinion when offering news, etc.. All organizations have bias, but most attempt to stay away from it in their news stories, whereas NewsCorp embraces it. They have a widespread, systemic, pervasive record of shabby conduct, and even more shabby reporting. It is the difference between acknowledging you sin, and fighting against it, and someone else who says, "I can't stop, so why try, let's go rob some MORE, rape some more, kill some more, others do it, so I can too."

    It's basely unethical, and ENTIRELY why others find NewsCorp to be so vile.

    ReplyDelete
  7. Thanks Pen; Tuck's comparison in fact sounds like EXACTLY the sort of bogus information that is heard from Fox News, Rush Limbaugh, and the rest of the factually and ethically challenged right wing media that promotes propaganda, but erroneously labels it 'news'.

    What continues to boggle my mind is 1. why ANYONE, of any political stripe, would give them credence at all or waste their time on them, with their record of inaccuracy and hateful bias; and 2. WHY do the people who DO give these jerks the time of day not fact check them for themselves?

    Clearly from the link Tuck provided, the information that directly contradicted his description of the NYTimes (as distinct from say the London Times or other organizations with Times in the name) was right there, IN THE LINKED MATERIAL. It took minimial reading and less application of critical thinking to pinpoint the essential differences between the Murdoch Scandal and what the NYTimes did.

    ReplyDelete