The company claims over 600 law enforcement agencies use their app, but in the wrong hands, it could pose extreme dangers. Here's an explainer.
Imagine you're at a bar and you see a person you find attractive.
You sneakily take a photo of them, and use that photo in an app that pulls up every public photo of that person available online. Links to each photo are also provided, meaning you can find out this person's name, workplace, hometown, friends, and more, without even talking to them. An app called Clearview AI has made the potential for this situation a reality.
Recently, New York Times reporter Kashmir Hill investigated the tiny start-up that's taking revolutionary steps in facial recognition technology. Clearview AI was developed by Hoan Ton-That, a San Francisco techie by way of Australia, who marketed the app as a tool for law enforcement to hunt down their victims. Clearview's database contains over three billion images scraped from millions of websites; the premise is, when you take a photo of a person, you can upload it and see public photos of that person and access links to where those photos are from.
Facial Crowd Recognition Technology Getty Images
Though this sounds like a remarkable tool for law enforcement, Clearview poses severe threats to privacy if placed in the wrong hands. As Hill described in her appearance on Times podcast The Daily this week, someone with malicious intent could theoretically take a photo of a stranger, upload it to Clearview, and uncover personal information like that person's name, where they work, where they live, and who their family members are. In short: the concept is so risky that companies who were able to do the same thing first, like Google, refused to.
Still, Clearview claims that over 600 law enforcement agencies have been using the app, although they've kept their list of customers private. Clearview's investors have cited the app's crime-solving capabilities as a means to back it; Clearview has already helped track down suspects on numerous accounts. But, as Hill's reports found, the app isn't always perfect and might not be fully unbiased; "After the company realized I was asking officers to run my photo through the app, my face was flagged by Clearview's systems and for a while showed no matches," Hill wrote. "When asked about this, Mr. Ton-That laughed and called it a 'software bug.'" Later, when Ton-That ran another photo of Hill through the app, it pulled up a decade's worth of photos—many of which Hill didn't even realize were public.
"Our belief is that this is the best use of the technology," Ton-That told Hill. But is Clearview's usefulness in law enforcement worth leaving our privacy behind every time we leave the house?
8 ways to protect yourself, right now
When I was studying in China, the other kids and I always freaked out when we were doing something illicit, like entertaining a Chinese friend or using an electric tea kettle, and the dorm attendant came knocking at the door. Clearly we were being surveilled. Over time, one of the things we grew to appreciate about the United States was our individual privacy. Obviously, since then, what seemed like an inviolable right has been casually thrown away like a pile of old VHS tapes. Where I once cherished my privacy, now I might as well be sprawled naked on the pavement in Times Square surrounded by my open passport, credit cards, bank statements, and diaries.
The Internet is an incredible tool, but it appeals to some of our worst tendencies: sloth, addiction, prurience. We love it because it's free, although of course, we're all paying a huge price. Even after debacles like Yahoo exposing the data of every single one of it's users, three billion in all, or the Cambridge Analytica-Facebook scandal, how many people actually deleted any accounts, changed their privacy settings or read the epic and stultifying privacy agreements on social media? In the United States, what business theorist Shoshanna Zuboff terms "surveillance capitalism" was allowed to develop largely unregulated, allowing companies, in particular Google and Facebook, who rely on mining personal data for revenue to become, according to the New York Times, an "emerging duopoly that today controls more than half of the worldwide market in online advertising."
This spring, the European Union enacted the General Data Protection Regulation, a sweeping law that requires companies use the highest possible privacy settings and disclose any type of personal data they are collecting. In June, California followed suit with its own Consumer Internet Privacy Act of 2018, the most robust in the nation. And federal regulations? Remember back in 2017—I know that seems like the Dark Ages with the current breakneck news cycle—when President Trump signed a repeal of an Obama-era law which, under the FCC, would have required broadband companies to get permission from their customers when they were collecting "sensitive data" such as browsing history and geolocation? In late July, the Commerce Department "began holding stakeholder meetings to identify common ground and formulate core, high-level principles on data privacy," according to a senior official speaking to Reuters. In other words, don't hold your breath waiting for federal legislation.
Even California's law doesn't go into effect until 2020. What can you do right now to protect your privacy? Here are some steps you can complete in under an hour that will beef up your computer or phone's security:
1. Turn off location tracking for all of your Apps. You can turn them on selectively when you need them (such as with Uber).
2. Install automatic updates. This way your software will have the latest security features.
3. Cover your webcam with a piece of tape or post it like Mark Zuckerberg does. We know he's an expert on shady ways to collect personal information.
4. Use a password on every computer and gadget, not just your phone. And make it at least six characters long and strong. 123456 or your birthday will simply not do.
5. Put your social media accounts on lockdown. Check your privacy settings. Don't make everything public. Share only within a verifiable group of friends.
6. Avoid using public wifi connections. They can be convenient but the information you transmit is not secure.
7. Don't give away personal information that you don't have to. Phone number? Address? Birthdate? Nope. Facebook does not need to know.
8. Delete your search history regularly. This is critical if you use shared computers such as at school or in a library.
Consumer Reports has a useful list of nearly 70 other steps you can take to protect your security and privacy.
Have more tips? Tweet us at The Liberty Project.