脸上的大生意
面部识别软件是一种强大的技术,对公民自由构成严重的威胁。与此同时,面部识别也是一个蓬勃发展的行业。如今,数十家初创企业和科技巨头的服务销售对象包括酒店、零售店,甚至学校和夏令营。新算法能够比五年前更精确地识别面部,相关业务也蒸蒸日上。为了改进算法,多家公司经常在未经许可的情况下利用数十亿张面部照片训练。事实上,你自己的脸就可能在面部识别公司利用的“训练库”里,也可能在公司客户的数据库里。
如果得知一些公司如何获取面部照片,消费者可能会吃一惊。举例来说,至少三个案例显示,科技公司通过人们手机上的照片应用程序弄到了数百万张图片。目前,对面部识别软件几乎没有法律限制,所以人们也没有什么办法阻止公司偷偷使用自己的面部数据。
2018年,华盛顿附近的机场廊桥里,乘客们匆匆走出,一台摄像机在附近拍摄人们的脸。事实上,飞机和乘客都不是真的。整个场景只是美国国家科学技术研究所(NIST)用来演示“在自然环境下”装置如何收集面部图像。收集到的照片也成为NIST反复提及的竞争优势,全球各地的公司都可以使用该装置测试自家的面部识别软件。 |
Facial recognition software is a powerful technology that poses serious threats to civil liberties. It’s also a booming business. Today, dozens of startups and tech giants are selling face recognition services to hotels, retail stores—even schools and summer camps. The business is flourishing thanks to new algorithms that can identify people with far more precision than even five years ago. In order to improve these algorithms, companies trained them on billions of faces—often without asking anyone’s permission. Indeed, chances are good that your own face is part of a “training set” used by a facial recognition firm or part of a company’s customer database.
Consumers may be surprised at some of the tactics companies have used to harvest their faces. In at least three cases, for instance, firms have obtained millions of images by harvesting them via photo apps on people’s phones. For now, there are few legal restrictions on facial recognition software, meaning there is little people can do to stop companies using their face in this manner.
In 2018, a camera collected the faces of passengers as they hurried down an airport jetway near Washington, D.C. In reality, neither the jetway nor the passengers were real; the entire structure was merely a set for the National Institute for Science and Technology (NIST) to demonstrate how it could collect faces “in the wild.” The faces would become part of a recurring NIST competition that invites companies across the globe to test their facial recognition software. |
在拍摄乘客下机的案例中,志愿者均已经同意使用自己的脸。这也是面部识别早期的方式。学术研究人员在获得允许之后,才能将拍摄到的面部加入数据库。如今,各大公司在面部识别方面更加领先,所以不太可能明确请求使用某些人的脸,有些公司根本连问都不问。
包括Face++和Kairos等行业领袖在内,各家公司都在面部识别软件市场竞争。市场调研公司Market Research Future称,该市场每年增长20%,预计到2022年将达到每年90亿美元。其商业模式包括向越来越多的客户授权使用软件,客户包括从执法部门到零售商等,主要使用识别软件运行自己的面部识别程序。
开发顶尖软件的竞争中,胜出的公司必然要算法精确度很高,可以迅速识别面部,尽量减少所谓误报。与人工智能其他领域一样,要开发出最好的面部识别算法,就得收集大量数据,也就是面部图像用来训练。虽然公司经批准后可以使用政府和大学整理的数据,例如耶鲁大学面部数据库,但相关数据规模相对较小,面部图像不超过几千张。
官方数据还有其他限制。很多数据库缺乏种族多样性,或者没有阴影、帽子或化妆品等现实世界中可导致面部变化的场景。为了打造能“在自然环境中”识别面部的技术,公司需要更多图像。要比现在多得多。
“数百张不够,数千张也不够。需要数百万的图像。如果你不用戴眼镜的图像或有色人种图像训练算法,结果不会很准确。”加州面部识别公司FaceFirst的首席执行官彼得·特雷普说。FaceFirst主要帮助零售商识别进入商店的罪犯。 |
In the jetway exercise, volunteers gave the agency consent to use their faces. This is how it worked in the early days of facial recognition; academic researchers took pains to get permission to include faces in their data sets. Today, companies are at the forefront of facial recognition, and they’re unlikely to ask for explicit consent to use someone’s face—if they bother with permission at all.
The companies, including industry leaders like Face++ and Kairos, are competing in a market for facial recognition software that is growing by 20% each year and is expected to be worth $9 billion a year by 2022, according to Market Research Future. Their business model involves licensing software to a growing body of customers—from law enforcement to retailers to high schools—which use it run facial recognition programs of their own.
In the race to produce the best software, the winners will be companies whose algorithms can identify faces with a high degree of accuracy without producing so-called false positives. As in other areas of artificial intelligence, creating the best facial recognition algorithm means amassing a big collection of data—faces, in this case—as a training tool. While companies are able to use the sanctioned collections compiled by government and universities, such as the Yale Face Database, these training sets are relatively small and contain no more than a few thousand faces.
These official data sets have other limitations. Many lack racial diversity or fail to depict conditions—such as shadows or hats or make-up—that can change how faces appear in the real world. In order to build facial recognition technology capable of spotting individuals “in the wild,” companies needed more images. Lots more.
“Hundreds are not enough, thousands are not enough. You need millions of images. If you don’t train the database with people with glasses or people of color, you won’t get accurate results,” says Peter Trepp, the CEO of FaceFirst, a California-based facial recognition company that helps retailers screen for criminals entering their stores. |
****
用应用程序收集面部图片
公司从哪可以获得数百万图像来训练软件?来源之一是警方的嫌疑人照片库,库可以从机构公开获取,也有私人公司出售。例如,总部位于加利福尼亚州的Vigilant Solutions便提供1500万张面部图像的数据库,也是该公司提供面部识别“解决方案”的一部分。
然而,一些初创公司发现了更好的面部图像来源,即个人相册应用。类似应用可以协助存储个人手机上的照片,通常包含同一个人的各种姿势,以及在多种环境下的照片,为培训算法提供了丰富的数据来源。
“我们的用户照片包括同一个人在数千种不同场景里的样子。站在阴影里,戴帽子,各种各样……”旧金山面部识别公司Ever AI 的首席执行官道格·阿莱说,2012年该公司成立时名叫EverRoll,主要帮用户管理大量的相册。
Ever AI从科斯拉风险投资公司和硅谷其他风投手里融到了2900万美元,也参加了最近NIST组织的面部识别竞赛,在“嫌疑犯照片”类别中排名第二,在“自然环境中面部”类别排名第三。阿莱认为成功的原因是拥有巨大的照片数据库,Ever AI估计有130亿张照片。
Ever AI在刚成立时只是个照片应用程序,其市场推广策略非常激进,引起了争议,并导致2016年苹果把它从应用商店下架。该应用最过分的是诱导用户向所有电话联系人发送推广链接,该策略在硅谷被称为“增长黑客”。用户还指责应用吞掉自己的数据。
“刚下载应用,第一件事就是收集所有电话号码,立即给所有人发信息……然后就开始收集所有照片并上传到云端。” 2015年得克萨斯州肖像工作室老板格雷格·米勒在Facebook上发表的评论里写道。
四年后,米勒沮丧地发现曾经叫Everroll的应用程序还是存有自己的照片,而且摇身一变成了面部识别公司。
“不,我不知道(应用在收集照片),我一点也不同意。” 米勒对《财富》杂志说,“种种现状说明了一个真正的问题。再也没有隐私可言,想到这我真是不寒而栗。”
Ever AI的首席执行官阿莱表示,公司数据库里不会分享用户个人信息,只用照片训练软件。他补充说,该公司类似社交媒体网络,人们可以选择退出。阿莱也否认Ever AI从一开始就想做面部识别,退出现已关闭的照片应用只是商业决策。目前,Ever AI的客户利用软件从事一系列活动,包括企业ID管理、零售、电信和执法等。
Everroll并不是唯一从照片应用转型面部识别的公司。另一个例子是总部位于旧金山的Orbeus,2016被亚马逊悄然收购,该公司曾经开发出很受欢迎的照片管理工具,叫PhotoTime。
一位长期在Orbeus工作的员工表示,该公司的人工智能技术领先,又拥有大量公共环境下的用户照片,所以成为理想的收购目标。
“亚马逊缺的就是这些,所以全盘收购,然后关闭了应用程序。”该员工表示,他拒绝透露身份,因为有保密协议。
如今,虽然亚马逊仍在继续销售另一款由Orbeus开发名为Rekognition的产品,但当初的PhotoTime应用已经不复存在。Rekognition也是一款面部识别软件,供执法部门和其他组织使用。
至于Orbeus的照片应用如何用于训练Rekognition,亚马逊拒绝透露细节,只说从各种来源获取数据供面部识别在内的人工智能项目使用。该公司补充说,不会使用Prime会员的照片训练算法。
另一家使用消费者照片应用训练面部识别算法的是Real Networks。该公司总部位于西雅图,20世纪90年代曾经以在线视频播放器而闻名,现在专门开发能够在学校里识别孩子面部的软件。该公司还提供一款针对家庭叫RealTimes的智能手机应用,一位评论人士表示该应用正是获取面部数据的接口。
“在该应用里,用户可用自己照片制作视频幻灯片。想象一下,妈妈做视频幻灯片发送给奶奶,相关图片被用来训练数据识别下一代的脸。太可怕了。”乔治敦大学教授克莱尔·加维说,他发表了一篇关于面部识别技术颇有影响力的报告。
Real Networks证实了照片应用有助于改进其面部识别工具,但补充说也使用了其他数据源。
在公司使用照片应用获取面部照片训练数据的各种案例里,都没有明确征求消费者的许可。相反,各公司似乎通过服务协议获得了法律许可。
然而,比起其他一些面部识别公司,利用照片应用获取数据的公司已经算得上很努力。在NIST负责面部识别竞赛的帕特里克·格洛特说,面部识别公司通常会编写一些程序,从SmugMug或Tumblr之类网站直接“抓取”图片。此类情况下,公司更没有必要向面部照片被用于训练数据的用户征求同意。
最近,美国国家广播公司(NBC)的一篇报道重点批评了类似的“自助抓取”做法,道详细描述了IBM如何从照片共享网站Flickr中抓走超过100万张面部照片,用作人工智能研究。(IBM研究部门负责人工智能技术的约翰·史密斯告诉NBC,该公司将努力“保护个人隐私”,只要有人希望删除自己的数据,都会积极配合。)
面对种种情况,人们不禁产生疑问,各公司如何保护收集的面部数据,政府是否应该加强监督。随着面部识别在社会上的更多领域里应用,推动大小公司业务发展,相关问题也更加紧迫。 |
An App for That
Where might a company obtain millions of images to train its software? One source has been databases of police mug shots, which are publicly available from state agencies and are also for sale by private companies. California-based Vigilant Solutions, for instance, offers a collection of 15 million faces as part of its facial recognition “solution.”
Some startups, however, have found an even better source of faces: personal photo album apps. These apps, which compile photos stored on a person’s phone, typically contain multiple images of the same person in a wide variety of poses and situations—a rich source of training data.
“We have consumers who tag the same person in thousands of different scenarios. Standing in the shadows, with hats-on, you name it,” says Doug Aley, the CEO of Ever AI, a San Francisco facial recognition startup that launched in 2012 as EverRoll, an app to help consumers manage their bulging photo collections.
Ever AI, which has raised $29 million from Khosla Ventures and other Silicon Valley venture capital firms, entered NIST’s most recent facial recognition competition, and placed second in the contest’s “Mugshots” category and third in “Faces in the Wild.” Aley credits the success to the company’s immense photo database, which Ever AI estimates to number 13 billion images.
In its earlier days, when Ever AI was a mere photo app, its aggressive marketing practices created controversy and temporarily led Apple to ban EverRoll from the App Store in 2016. Notably, the app induced users to send promotional links to all of their phone contacts, a tactic known as “growth hacking” in Silicon Valley parlance. Users also accused it of gobbling their data.
“The first thing it does even as it is installing is to harvest all your phone numbers and immediately message everybody… This thing then starts to pull all your photos and put them into the cloud,” wrote Greg Miller, a Texas-based portrait studio owner, in a 2015 Facebook review.
Four years later, Miller was dismayed to discover that the app once known as EverRoll still had his photos, and that it was now a facial recognition company.
“No, I was not aware of that, and I don’t agree with it one bit,” Miller tells Fortune. “All of this being tracked is a real problem. Nothing is private anymore and that just scares the hell out of me.”
Aley, the Ever AI CEO, says the company doesn’t share identifying information about individuals in its database, and only uses the photos to train its software. He added the company is akin to a social media network from which people can opt out. Aley also denied that Ever AI had intended to become a facial recognition company from the get-go, saying the move away from the now-shuttered photo app was a business decision. Currently, Ever AI’s customers are using it for a range of activities, including corporate ID management, retail, telecommunications, and law enforcement.
EverRoll is not the only facial recognition company that once offered a consumer photo app. Another example is Orbeus, a San Francisco-based startup quietly acquired by Amazon in 2016, which once offered a popular picture organizer called PhotoTime.
According to a longtime Orbeus employee, the startup’s A.I. technology and its large collection of photos with people in public settings made it an appealing acquisition target.
“Amazon was looking for that capability. They acquired everything, then shut down the app,” says the employee, who declined to be identified, citing non-disclosure agreements.
Today the PhotoTime app no longer exists, though Amazon continues to sell another Orbeus product known as Rekognition. The product is a type of facial recognition software used by law enforcement and other organizations.
Amazon declined to provide details about the extent to which Orbeus’s photo app was used to train the Rekognition software, only stating it obtains data for its A.I. projects, including facial recognition, from a variety of sources. The company added it does not use its customers’ Prime photo service to train its algorithms.
Another company that uses a consumer photo app to train its facial recognition algorithm is Real Networks. The Seattle-based company, once known for its 1990s-era online video player, today specializes in software that can recognize children’s faces in schools. At the same time, it offers a smartphone app aimed at families called RealTimes, which one critic says has served as a pretext to obtain facial data.
“The app allows users to make video slideshows of their own photos. Imagine mom putting together a video slide show to send to grandma, and those images being used to train a dataset to use on young faces. It’s pretty horrible,” says Clare Garvie, a Georgetown University professor who published an influential report on facial recognition technology.
Real Networks confirmed the photo app helps improve its facial recognition tool, but added that it uses additional data sources for the purpose.
In all of these cases where companies used a photo app to harvest faces for training data, they didn’t ask for consumers’ explicit permission. Instead, the firms appear to have obtained legal consent through their terms of service agreements.
This is, however, more than what some other facial recognition companies have done. According to Patrick Grother, who runs the face competitions at NIST, it’s common for facial recognition companies to write programs that “scrape” pictures from websites like SmugMug or Tumblr. In these cases, there is not even a pretext of consent from those whose faces end up in training sets.
This “help yourself” approach was underscored by a recent NBC News report detailing how IBM siphoned more than one million faces from the photo sharing site Flickr as part of the company’s artificial intelligence research. (John Smith, who oversees AI technology for IBM’s research division, told NBC News that the company was committed to “protecting the privacy of individuals” and would work with those who sought removal from the dataset.)
All of this raises questions about what companies are doing to safeguard the facial data they collect, and whether governments should provide more oversight. The issues will only be become more pressing as facial recognition spreads to more areas of society, and powers the business of companies large and small. |
****
从商店到学校
面部识别软件并不是新鲜事物。20世纪80年代美国数学家开始将人脸定义为一系列数值,用概率模型寻找匹配时,该技术的原始版本就已经存在。在2001年的橄榄球冠军赛超级碗上,佛罗里达州坦帕市的保安人员便已应用,赌场则已经使用多年。但过去几年里情况出现了变化。
“面部识别正经历一场革命。” NIST的格洛瑟表示。他补充说,快速闪过或像素差的图像提升最大。“基础技术已经改变。旧技术已经被新一代算法取代,而且非常有效。”
面部识别的革命得益于广泛改变人工智能领域的两大因素。第一项因素是新兴的深度学习科学,模仿人脑的模式识别系统。第二项因素则是史无前例的海量数据,借助云计算可以实现低成本存储解析数据。
毫无疑问,最先充分利用各项新技术的公司是谷歌和Facebook。2014年,社交网络Facebook推出了名叫DeepFace的项目,可以识别两张脸是否属于同一个人,准确率为97.25%,与人类水平相当。安全公司Gemalto的数据显示,一年后谷歌的facenet程序准确率达100%。
如今,谷歌、Facebook和微软等其他科技巨头在面部识别方面都处于领先地位,主要原因是巨头拥有庞大的面部数据库。不过,随着越来越多的初创公司在逐渐增长的面部识别软件市场上寻找突破,识别准确度方面得分也很高。
仅在美国就有十几家从事该业务的初创公司,其中包括Kairos和FaceFirst。市场研究公司PitchBook称,硅谷正在扎堆进入该行业,该公司还披露了过去几年发生的数十宗投资交易。据PitchBook的数据显示,过去三年平均总投资金额7870万美元。按照硅谷标准,这一数字算不上太亮眼,但能够看出风险投资人在下重注赌其中一些初创公司会迅速成长为大公司。 |
From Shops to Schools
Facial recognition software is not new. Primitive versions of the technology have existed since the 1980s when American mathematicians began defining faces as a series of numerical values, and used probability models to find a match. Security personnel in Tampa, Fla. deployed it at the 2001 Super Bowl and casinos have used it for years. But in the last few years, something changed.
“Facial recognition is undergoing something of a revolution,” says Grother of NIST, adding the change is most pronounced with fleeting or poor quality images. “The underlying technology has changed. The old tech has been replaced by a new generation of algorithms, and they’re remarkably effective.”
This revolution in facial recognition comes thanks to two factors that are transforming the field of artificial intelligence more broadly. The first is the emerging science of deep learning, a pattern recognition system that resembles the human brain. The second is an unprecedented glut of data that can be stored and parsed at low cost with the aid of cloud computing.
The first companies to take full advantage of these new developments, unsurprisingly, were Google and Facebook. In 2014, the social network launched a program called DeepFace that could discern if two faces belonged to the same person with an accuracy rate of 97.25%—a rate equivalent to what humans scored on the same test. A year later, Google topped this with its FaceNet program, which obtained a 100% accuracy score, according to security firm Gemalto.
Today, those companies and other tech giants like Microsoft are leaders in facial recognition—in no small part because of their access to large databases of faces. A growing number of startups, though, are also posting high accuracy scores as they seek a niche in a growing market for face software.
In the U.S. alone, there are more than a dozen such startups, including Kairos and FaceFirst. Silicon Valley has been flocking to the sector, according to market researcher PitchBook, which reveals dozens of investment deals taking place in the last few years. The average total investment in the last three years is $78.7 million, according to PitchBook. This is not an eye-popping number by Silicon Valley standards, but reflects a significant bet by venture capitalists that at least a few facial recognition startups will mushroom into major companies. |
面部识别公司的商业模式仍然在不断出现。现在多数公司的模式为授权一些组织机构使用软件。根据Crunchbase的数据,Ever AI和FaceFirst之类的初创公司的年收入尚可,从200万美元到800万美元不等。同时,亚马逊和其他科技巨头没有透露收入当中有多少来自于面部识别软件使用许可费。
多年来,最愿意为面部识别付钱的客户是执法机构。不过,最近越来越多的组织,包括沃尔玛也在使用此类软件识别了解走进实体店的人。
加州的FaceFirst客户情况也差不多,其主要销售对象为数百家零售商,包括一美元店和药店等。该公司的首席执行官特雷普说,大部分客户使用该技术识别进店的犯罪分子,不过零售商也有其他目的,例如识别VIP客户或员工。
与此同时,看起来亚马逊正在努力为面部识别寻找商业模式。有报道称,亚马逊除了向警察部门出售使用许可,也跟酒店合作加快办理入住手续。
“各地的公司都来找亚马逊说:‘希望你们实现这项功能。’借此我们就会发现最合适的机会。兴趣真是各种各样。”亚马逊收购面部识别公司Orbeus时加入亚马逊的一位匿名人士表示。
就亚马逊而言,种种努力并非毫无争议。去年7月,美国公民自由联盟对其软件进行了测试,根据重罪犯人数据库测试识别国会议员的脸。结果错误识别了28次,其中大多数涉及有色人种议员。作为回应,美国公民自由联盟呼吁禁止执法人员使用面部识别技术。与此同时,亚马逊的员工也向公司施压,要求证明向警察部门以及美国移民和海关执法部门销售软件的正当性。
美国国会的一些成员,包括众议员杰罗德·纳德勒(纽约州)和参议员罗恩·怀登(俄勒冈州),已经要求政府问责办公室调查面部识别软件的使用。企业领导人也对该技术的应用感到不安,其中包括微软总裁布拉德·史密斯,去年12月他也曾经呼吁政府出手监管。
即便外界越发关注,公司还是能够找到新的应用场景实现销售,面部识别技术也随之不断扩大应用范围。其中就包括家庭照片应用开发商Real Networks,目前该公司向全美国的K-12学校免费提供软件。公司表示有数百所学校正在使用。在接受《连线》杂志采访时,该公司的首席执行官罗布·格拉泽说,之所以推进该计划,是为了解决有关学校安全和枪支管制的争论而采取的非党派解决方案。目前,Real Networks的网站正在宣传其技术,宣称活动主持人可用来“识别每位粉丝、客户、员工或客人”,哪怕脸遮住了也能够认出来。 |
Business models for facial recognition companies are still emerging. Today, most revolve around licensing software to organizations. According to data from Crunchbase, annual revenue for startups like Ever AI and FaceFirst is relatively modest, ranging from $2 million to $8 million. Amazon and the other tech giants, meanwhile, have not disclosed how much of their revenue comes from licensing facial recognition.
For years, the most avid paying customers for facial recognition has been law enforcement agencies. More recently, though, a growing number of organizations, including Wal-Mart, are using the software to identify and learn more about the people who enter their physical premises.
This is certainly the case for customers of California-based FaceFirst, which sells facial recognition software to hundreds of retailers, including dollar stores and pharmacies. Its CEO, Trepp, says the bulk of his clients use the technology to screen for criminals coming into their stores but, increasingly, retailers are testing it for other purposes such as recognizing VIP customers or identifying employees.
Amazon, meanwhile, appears to be casting a wide net in its efforts to find a business models for face recognition. In addition to selling to police departments, the retail giant is reportedly working with hotels to help them expedite check-in procedures.
“Companies from all over are coming to Amazon and saying, ‘This what we’d like you to do’. Then you figure out that’s your sweet spot. The interest is all over the place,” says the unnamed person who joined Amazon when the company acquired Orbeus, the facial recognition firm.
These efforts, in the case of Amazon, have not been without controversy. Last July, the ACLU tested the company’s software by running the faces of every member of Congress against a database of convicted felons. The test resulted in 28 false positives, the majority of which comprised Congressional members of color. In response, the ACLU called for a ban on the use of facial recognition technology by law enforcement. Meanwhile, Amazon’s own employees have pressed the company to justify the sale of the software to police departments and to U.S. Immigration and Customs Enforcement.
Some members of Congress, including Rep. Jerrold Nadler (D-N.Y.) and Sen. Ron Wyden (D-Ore.), have since asked the Government Accountability Office to investigate the use of facial recognition software. Corporate leaders are also uneasy about the technology’s applications. Among them: Microsoft president Brad Smith, who in December called for government regulation.
But even as concern mounts, use of facial recognition technology is expanding as companies find new and novel applications for which to sell it. These include Real Networks, the maker of the family photo app, which is offering its software for free to K-12 schools across the country. The company says hundreds of schools are now using it. In an interview with Wired magazine, CEO Rob Glaser says he began the initiative as a non-partisan solution to the debate over school safety and gun control. Currently, Real Networks’ website is touting its technology as a way for event hosts to “recognize every fan, customer, employee, or guest”—even if their face is covered. |
Real Networks并不是唯一针对儿童开发面部识别产品的公司。得克萨斯州的一家初创公司Waldo正在向数百所学校以及儿童运动联盟和夏令营提供技术。实际应用时,要使用Waldo的软件扫描摄像机或官方摄影师拍摄的图像,然后将孩子的脸与父母提供的图像数据库匹配。不愿参与的父母可以选择退出。
首席执行官罗德尼·赖斯说,学校每年都要拍摄数万张照片,年鉴上只能够看到少数几张。他说,面部识别是一种有效的方法,可以将剩下部分的照片发给想要的人。
“可以不用再买爆米花或礼物了,不如送给孩子的祖父母一系列照片。”他解释说,Waldo跟公立学校有一半一半的收入分成协议。目前该服务已经拓展到美国30多个州。
Waldo和FaceFirst的发展表明了,企业如何推动面部识别正常化,就在不久前这些还只是科幻小说里的内容。随着技术传播到美国经济的更多领域,越来越多公司将收集我们的面孔,要么训练算法,要么用来辨识顾客和罪犯,虽然犯错或滥用的可能性也在增加。 |
Real Networks isn’t the only facial recognition company with products that focus on children. A Texas-based startup called Waldo is supplying the technology to hundreds of schools, as well as kids’ sports leagues and summer camps. In practice, this involves using Waldo’s software to scan images taken by video cameras or official photographers, then match children’s faces to a database of images provided by parents. Those parents who don’t wish to participate can opt out.
According to CEO Rodney Rice, schools take tens of thousands of photos every year and only a handful of them up being seen in a yearbook. Facial recognition, he says, is an efficient way to distribute the remaining ones to those who would like to have them.
“Instead of buying popcorn or wrapping paper, you can get a photo stream to your kids’ grandparents,” says Rice, explaining that Waldo has a 50-50 revenue sharing arrangement with public schools. The service is now doing business in more than 30 U.S. states.
The growth of Waldo and FaceFirst show how businesses are helping to normalize facial recognition, which not long ago was the stuff of science fiction. And as the technology spreads to more sectors of the American economy, more companies will collect copies of our faces—either to train their algorithms or to recognize customers and criminals—even as the potential for mistakes or misuse grow. |
****
脸上的未来
2017年播出的技术反乌托邦电视剧《黑镜》(Black Mirror)里,一位焦虑的母亲看到女儿跟小混混在一起的画面,非常担心。为了确认身份,她将男孩的面部图像上传到用户面部识别服务。软件立即显示了男孩的名字和工作地点,然后她找过去对质。
曾经遥不可及的情景,如今已经近在咫尺。尽管人们对面部识别的担忧主要集中在政府使用上,但私人公司甚至个人的“黑镜式”利用也将造成明显的隐私风险。
随着越来越多的公司开始销售面部识别技术,人们的面部数据进入更多的数据库,偷窥者和跟踪者也可能用上新技术。商人和房东也能够用来识别不受欢迎的人,悄悄地拒绝提供住房或服务。
“凡是有摄像机和大量人流的地方,都可以开始积累图像数据库,然后用分析软件查看是否与既有数据库匹配。” 美国公民自由联盟的政策分析师杰伊·斯坦利表示。
此外也存在黑客攻击的风险。网络安全公司Gemini Advisors的安德雷·巴雷舍维奇说,曾经见过从印度国家生物特征数据库中窃取的资料,都在“暗网”上出售。他还没发现有人出售美国人面部数据库,但补充说,“这只是时间问题。”如果发生这种情况,从酒店或零售商盗取的顾客面部图片可以帮助罪犯实施诈骗或冒充身份。
随着技术在几乎没有政府监管的情况不断推广,限制滥用的最大希望可能在于软件开发商自身。在接受《财富》杂志采访时,面部识别初创公司的首席执行官们都表示,对隐私风险有着深刻的认识。包括FaceFirst首席执行官在内不少人认为,中国面部监控系统普及比较有警示意义。
首席执行官们还提出两种方法限制行业滥用技术。第一是与购买软件者密切合作,确保客户不会随意使用。举例来说,Ever AI的阿莱便表示,公司遵循的标准比亚马逊更高,他声称亚马逊几乎向所有客户出售Rekognition软件。
为了回应如何管理滥用的问题,亚马逊提供了马特·伍德之前发表的一份声明。马特·伍德在亚马逊云服务平台负责人工智能服务,他指出公司政策禁止非法或有害行为。
负责面部识别业务高管还提到另一项潜在的隐私保护措施,使用技术措施确保数据库中识别的面部不会遭到黑客攻击。
Waldo公司的首席执行官赖斯表示,面部图像是以字母数字散列的形式存储。也就是说,即使发生数据泄露,人们的隐私也不会受到影响,因为黑客将无法使用散列的面部图像重建面部并对应身份。其他人表示同意。
赖斯还担心,立法者制定面部识别技术使用规则,可能弊大于利。“把孩子和洗澡水一起倒出去,制定一些疯狂的规定,都差不多,最后只会是闹剧。”他说。
与此同时,一些开发面部识别软件的公司也在应用新技术,可能不再需要大量收集面部图片训练算法。总部位于迈阿密的面部识别初创公司Kairos便是其中之一,其客户包括一家大型连锁酒店。首席安全官斯蒂芬·摩尔表示,Kairos正在打造“合成”面部数据,复制各种表情和照明条件下的面部。他说,“人造面孔”意味着公司开发产品时需要的数据库规模可以小一些。
不管是监督面部识别软件客户,还是保障数据安全,打造综合培训工具,各项措施都可以将企业使用人们面部图像的问题缓和一些。与此同时,FaceFirst的特雷普相信随着人们对该技术越发熟悉,相关焦虑也会减少。他甚至认为2002年科幻电影《少数派报告》当中出现的面部识别场景会变得很正常。
“千禧一代更愿意提供面部图像。《少数派报告》里呈现的世界即将到来。”他说。“如果做得好,人们将享受到便利,而且将变成积极的经历。不会感觉太古怪。”
包括美国公民自由联盟在内的其他方面则没有那么乐观。不过,尽管有关该技术的争论日益激烈,目前几乎没有任何法律限制使用面部数据。例外只有伊利诺斯州、得克萨斯州和华盛顿州,三个州里使用某人的脸之前需要一定程度的同意。相关法律并未真正检验过,只有一地例外:伊利诺伊州,该州的消费者可提起诉讼行使权利。
目前,伊利诺伊州的法律也是一起与Facebook有关的、备受关注的上诉法院案件主题,该案声称,获取面部的限制并不能延伸到数字扫描。2017年,Facebook和谷歌进行了一场失败的游说活动,希望说服伊利诺伊州的议员降低法律的影响。1月底,伊利诺伊州最高法院裁定,如果消费者想就未经授权识别生物特征提起诉讼,无须证明在现实世界中受到伤害,进一步鼓励了该法律的支持者。
其他国家也在考虑制定生物识别方面的法律。在联邦一级,目前立法者还很少关注。然而情况可能会发生变化,因为参议员布莱恩·沙茨(夏威夷州)和罗伊·布朗特(密苏里州)在3月提出了一项法案,要求公司在公共场所使用面部识别功能和/或与第三方共享面部数据之前,必须获得许可。
乔治敦大学的研究员加维支持由法律监督该项技术。但她也表示立法者很难跟上技术发展的脚步。
“面部识别面临的一项挑战是,由于传统数据库存在,其吸收速度非常快。人们的面部图片太容易被采集到了。”她说。“跟指纹不一样的是,长期以来指纹采集的方式和时间一直有规则限制,而面部识别技术领域没有规则。”(财富中文网) 译者:冯丰 审校:夏林 |
The Future of Your Face
In a 2017 episode of the techno-dystopian TV series Black Mirror, an anxious mother frets over images of a ne’er-do-well carrying on with her daughter. To identify him, she uploads an image of his face to a consumer facial identification service. The software promptly displays his name and place of work, and she goes to confronts him.
Such a scenario, once far-fetched, feels close at hand today. While fears over facial recognition have focused on its use by governments, its deployment by private companies or even individuals—Black Mirror-style—poses obvious privacy risks.
As more companies start to sell facial recognition, and as our faces end up in more databases, the software could catch on with voyeurs and stalkers. Merchants and landlords could also use it to identify those they deem to be undesirable, and quietly withhold housing or services.
“Anybody with a video camera and a place with a lot of foot traffic can start to compile a databases of images, and then use this analytic software to see if there’s a match with what you’ve compiled,” says Jay Stanley, a policy analyst of the ACLU.
There’s also the risk of hacking. Andrei Barysevich of Gemini Advisors, a cybersecurity firm, says he has seen profiles stolen from India’s national biometrics database for sale on “dark web” Internet sites. He has yet to see databases of American faces for sale, but added, “It’s just a matter of time.” If such a thing were to occur, a stolen collection of customer faces from a hotel or retailer could help criminals carry out fraud or identity theft.
As the technology spreads with little government oversight, the best hope to limit its misuse may lie with the software makers themselves. In interviews with Fortune, the CEOs of facial recognition startups all stated they were deeply attuned to privacy perils. A number, including the CEO of FaceFirst, cited the spread of face surveillance systems in China as a cautionary tale.
The CEOs also offered two ways the industry can limit misuse of their technology. The first is by working closely with the purchasers of their software to ensure clients don’t deploy it willy-nilly. Aley of Ever AI, for instance, says his company follows a higher standard than Amazon, which he claims furnishes its Rekognition tool to nearly all comers.
In response to a question of how it polices misuse, Amazon provided a previously published statement by Matt Wood, who overseas artificial intelligence services at Amazon Web Services, pointing to a company policy prohibiting activity that is illegal or harmful to others.
The other potential privacy safeguard cited by facial recognition executives is the use of technical measures to ensure the faces identified in their databases can’t be hacked.
Rice, the CEO of the Waldo, says faces are stored in the form of alphanumeric hashes. This means that, even in the event of a data breach, privacy would not be compromised because a hacker would not be able to use the hashes to reconstruct the faces and their identities. The point was echoed by others.
Rice is also wary that lawmakers could do more harm than good by making rules for the use of facial technology. “Throwing the baby out with the bathwater, and creating a bunch of crazy regulations, that would be a travesty,” he says.
Meanwhile, some companies that make facial recognition software are using new techniques that may reduce the need for large collections of faces to train their algorithms. This is the case with Kairos, a Miami-based facial recognition startup that names a major hotel chain among its clients. According to chief security officer Stephen Moore, Kairos is creating “synthetic” facial data to replicate a wide variety of facial expressions and lighting conditions. He says these “artificial faces” means the company can rely on smaller sets of real world faces to build its products.
All of these measures—oversight of facial recognition customers, sound data security, and synthetic training tools—could allay some of the privacy concerns related to companies’ use of our faces. At the same time, Trepp of FaceFirst believes anxiety over the technology will diminish as we become more familiar with it. He even argues that facial recognition scenes in the 2002 sci-fi movie Minority Report will start to feel normal.
“Millennials are much more willing to hand over their face. That [Minority Report] world is coming,” he says. “Done properly, I think people are going to enjoy it and it’s going to be a positive experience. It won’t feel creepy.”
Others, including the ACLU, are less sanguine. Still, despite the growing controversy around the technology, there is, for now, almost nothing in the way of laws to limit the use of your face. The only exception comes from a trio of states—Illinois, Texas, and Washington—that require a degree of consent before the use of someone’s face. These laws have not really been tested, with one exception: Illinois, where consumers can bring lawsuits to enforce the right.
Currently, the Illinois law is the subject of a high profile appeals court case involving Facebook, which claims that restrictions on obtaining faces does not extend to digital scans. In 2017, Facebook and Google ran an unsuccessful lobbying campaign to persuade Illinois lawmakers to dilute the law. In late January, the law’s supporters got a boost when the Illinois Supreme Court ruled that consumers do not have to show real-world harm if they want to sue over the unauthorized use of their biometrics.
Other states are considering biometrics laws of their own. At the federal level, lawmakers have so far devoted little attention to the matter. This may be changing, however, as Senators Brian Schatz (D-Ha.) and Roy Blount (R.MO) this month introduced a bill that would require companies to get permission before using facial recognition in public places and or share face data with third parties.
Garvie, the Georgetown researcher, is in favor of laws to oversee the technology. But she says it has been difficult for lawmakers to keep up.
“One challenge of facial recognition is it’s been incredibly quick on the uptake because of legacy databases. There are so many instances where our faces were captured,” she says. “Unlike fingerprints, where there have long been rules on how and when they’re collected, there are no rules for face technology.” |