Have you ever used the Face ID feature on your phone?
Have you ever thought that all the photos you post on social media will be collected as data?
Do you know that you are actually being recognized by your face all the time?
Have you ever thought about where your face data will be stored and what organizations will use it?
Who is watching me? Who is watching you? Who is watching us?
Does our facial data only belong to us?
With the rapid development of digital technology, a variety of technological applications in the Internet culture have facilitated everyone’s life, but have also caused a lot of controversy. The development and application of digital technology has helped the Internet governance, but it has also brought challenges. One of the most brought up concerns regarding the internet and digital platforms is the possible loss of personal privacy ( Flew, 2021, pp. 101-103).
We are provided with all kinds of information by the Internet, but we are also collected with all kinds of data by the Internet.
People leave traces of everything on the web, what you searched for, what pages you visited, who you liked or who you left comments on. Not only that, but even your face leaves traces in the online space and becomes data collected by digital platforms. Face recognition has become more and more common in the Internet society. Such biometrics are not only limited to governmental applications (Miethe et al., 2023), but are also common in social media and some digital platforms.
In the Internet world where algorithms, datafication and other technologies prevail, every person seems to be a collection of data, and all traces of your presence in cyberspace constitute you in the online world. But these data are not owned by you, but by the digital platform.
When I’m using my Face ID for Apple Pay, when I’m posting my photos to social media, I’m wondering where my face data will be stored. Who will censor and classify it? While enjoying the convenience brought by technology, we also bear a series of personal privacy risks.
In this context, what is the public’s concern about privacy leakage in the Internet society? What are the personal privacy security risks behind face recognition technology? What is the future of the Internet governance of facial recognition technology?
In this paper, we will discuss the privacy implications and privacy issues in the Internet environment, and focus on the privacy issues and governance in facial recognition technology.
What is privacy?
Privacy does not sound like an unfamiliar word. There is no doubt that everyone has a right to privacy. Flew (2021) pointed out that privacy has always been considered an inherent right, although it is often restricted in practice in various ways. According to Barendt (2017), privacy is the ability to decide when and who can see, hear, touch, smell, or taste(in person or through the media), the (physical) parts of ourselves (as identifiable humans). The above definition of privacy is limited, but we can see that the right to privacy is extremely important, as practically all significant rights and freedoms depend on it to be exercised (Barendt, 2017).
An individual’s right to privacy should be protected.
What is privacy in internet cultures and governance?
In Internet culture, the word privacy has been given more meaning. Flew (2021) wrote that privacy issues take on new meaning in the Internet environment in three ways. One is the amount of information available, the other is the balance between privacy and free online services, and the situation in which commercial enterprises and government departments collect data for analysis without users’ permission.
The Australian government states that the right to privacy includes “to be free from interference and intrusion; to associate freely with whom you want; to be able to control who can see or use information about you “(OAIC, 2023b). It points out that privacy should be viewed from three angles: physical, surveillance and informational.
In general, in the Internet environment, people’s right to information privacy is more defined as the right to control the collection and use of personal information. Due to the development of technology, the privacy issues under the Internet culture involve more and more extensive aspects. During the covid-19 epidemic in recent years, several governments used digital technologies to monitor and track citizens in order to control the spread of the epidemic. Some countries such as China, the United States, and South Korea are using location tracking technologies to obtain citizens’ location data (Ram & Gray, 2020). In major apps and websites, the necessary conditions for access and use are to agree to the privacy terms or accept all cookies, but these long and complicated legal terms in dozens of pages are very difficult for users to read (Belanger & Crossler, 2011).Facial recognition technology has also been used in various scenarios, such as facial recognition payments. In some Chinese schools where it is used to manage students, but there has been a lot of resistance. he use of facial video analysis in retail stores to combat theft (NTECH LAB, 2022) has also been met with challenges related to security and privacy issues. Face recognition technology has become popular, but its use remains controversial. Many people see this as an invasion of personal privacy. Although social media is considered to have the benefits of providing individuals with information and new opportunities to communicate and interact with others, they also store a large amount of data about users, which has led to great concern about privacy issues (Chen, 2018). With the application of facial recognition technology in social media, the security of personal facial data is also being debated.
As can be seen, in the Internet society, the collection of personal data is being widely used in the provision of services on digital platforms and in the Internet governance. At the same time, the issue of privacy is also being hotly debated. How to protect the public’s privacy in the Internet world is an issue that needs to be taken seriously by countries and major companies around the world.
At present, Europe has adopted general data protection regulation (GDPR) and China has introduced personal information protection law (PIPL) for the governance of online privacy. The Australian government has also implemented the Privacy Act to address this issue. Some companies have stated that they will handle user data properly to ensure the security of their data. For example, on Apple’s official website, Apple has clearly stated the collection and use of user data.
Specifically, I would like to talk about face recognition technology. Face recognition technology is a technology worth developing. However, compared with other data that can be left on the Internet, faces are personal biological data which is unique. Precisely because of its characteristics, it can improve the efficiency of governance and service, but also fall into the swamp of personal privacy invasion.
The development and application of facial recognition technolog
Face recognition technology is generally divided into three processes, namely “Detection, analysis and recognition”. A person’s identity can be identified by examining their face and then analysing their unique facial data (AWS, n.d.). This is a biometric identification method that uses data about a person’s face to verify and match that person’s identity.
In 2001, facial recognition technology made its debut on the public stage in the United States when law enforcement officers used it during Super Bowl 35. In 2001, law enforcement officials used facial recognition on crowds at Super Bowl XXXV (Klosowski, 2020). With the development of computer technology, the modern era of facial recognition began in 2010 (Klosowski, 2020).
Until now, facial recognition technology has been used in various industries. Such as government departments, the NSW Police Force (NSWPF) uses facial recognition technology (FR) to prevent, deter and investigate criminal acts (NSW Police Force, n.d.). On some digital platforms, the technology helps users sort photos by identity. Face recognition technology is also applied in the Australian Amusement Park, and the FindFace algorithm can be used to retrieve the personal photos of each tourist (NTECH LAB, 2018). Some Australian schools have been experimenting with facial recognition technology to monitor students’ daily behaviours, which has been criticized by the society (Basford, 2020).
Case study-Facebook shut down its face recognition system which had been using since 2010
On November 2, 2021, facebook announced the shutdown of its facial recognition system:
We’re shutting down the Face Recognition system on Facebook. People who’ve opted in will no longer be automatically recognized in photos and videos and we will delete more than a billion people’s individual facial recognition templates. (Pesenti, 2021)
Facebook launched the Facial Recognition System in December 2010, which automatically identifies people in photos posted by users. Users can tag people in photos and associate them with accounts by clicking on them. In this process, Facebook collects information about the user’s face and analyzes and identifies it. This is an invasion of the user’s privacy to a certain extent, as the user’s facial data is uploaded to the server for analysis and categorization without prior consent. This tagging tool turns the face into a new type of digital information, linking identity to personal past, changing the norms of personal photo use and replacing intimacy with Facebook data (Norval & Prasopoulou, 2017). And this tagging of others also creates new privacy issues, in addition to users who upload photos, but also those who are disclosed twice in photos (Martin and del Alamo, 2016: 251, as cited in Norval & Prasopoulou, 2017).
Controversy has surrounded Facebook’s facial recognition system for over a decade since its launch. Many privacy advocates continue to question how much facial data Facebook collects and what it uses it for (Hill & Mac, 2021). Lawsuits have also been filed against Facebook’s facial recognition system. In 2015, the state of Illinois filed a class action lawsuit against Facebook, alleging violations of the state’s privacy laws (Stempel, 2019). The lawsuit continued until 2021 before the parties settled for $650 million in damages from Facebook. While the lawsuit was ongoing, Facebook responded to his privacy concerns by modifying the face recognition feature from automatic on to opt-in in 2019. Despite this, Facebook announced in 2021 that it was shutting down its facial recognition system, citing a lack of clarity regarding the regulation of the technology.
Privacy Risks of Facial Recognition Technology
1. Lack of public access to information
Major companies don’t seem to consider face data to be a private matter for the public, instead treating it as a resource to be accessed. When facebook’s face recognition system was first introduced, developers did not realize the need to consider the protection of personal privacy. clearview AI, a U.S. facial recognition company, said in 2023 that it had collected more than 30 billion photos from public sources such as social media that were not These collected photos are made available to other organizations without the user’s permission and without the public’s knowledge (Schneider, 2023). The Australian government showed that Clearview AI had violated the Australian Privacy Act 1988 and ordered the company to stop its practices and destroy the data (OAIC, 2023a). The public often has little knowledge of how face data capture processes occur because face data is more accessible than other bioinformatic data that can be accessed in secret (Lively, 2021).
2. Legislation cannot keep up with technology
Although regulators have begun to pay attention to the field of facial recognition, relevant legislation is not perfect, and different countries and regions have different regulations and governance (Madzou & Louradour, 2020). In addition to facebook, some other Internet giants such as Amazon and Microsoft have suspended their facial recognition technology services and called for a clearer regulatory regime (Hill & Mac, 2021). The regulation and governance of this technology is not only to protect the public’s privacy, but also to show organizations and companies the direction to develop and regulate the use of the technology.
3. The severity of data leakage
Each person’s face is a unique biological information data, once leaked, its consequences will be very serious. This is different from online data such as web browsing history and usage habits, which are unchangeable and exclusive.
Conclusion-Privacy will be a constant battle in Internet culture and governance.
Although facial recognition technology has been developed and advanced in recent years, the potential for misuse and the lag in regulation have made it a hot topic of controversy in Internet governance on privacy issues. How to govern privacy in the digital age is a difficult issue.
For now, I only have confidence in facial recognition features that are based on local devices and do not upload data to a database, such as face ID unlocking for some electronic devices. It’s practical and reassuring.
“This use of technology inevitably has an impact on individuals’ privacy,” Edward Santow, an Australian Human This is only acceptable if there is an open, compelling justification. efficiency would rarely justify such a privacy impact” (Basford, 2020).
In Internet governance, there is still a long way to go to let users know what data is being collected in what ways and for what purposes, to give them full control over their privacy rights, and to place limits on businesses and government agencies. It’s not easy to make the process open and convincing. How does facial recognition technology work right in the midst of all the privacy concerns. Finding the right balance is critical in the future of Internet governance.
AWS. (n.d.). What is Facial Recognition – Beginner’s Guide to Face Analyzer Software and Machine Learning – AWS. Amazon Web Services, Inc. https://aws.amazon.com/what-is/facial-recognition/?nc1=h_ls
Barendt, E. (2017). Privacy (E. Barendt, Ed.; First edition.). Routledge. https://doi.org/10.4324/9781315246024
Basford, S. (2020, March 10). Australian Schools Have Been Trialling Facial Recognition Technology. Gizmodo Australia. https://www.gizmodo.com.au/2020/03/australian-schools-trial-facial-recognition-technology-looplearn/
Bélanger, F., & Crossler, R. E. (2011). Privacy in the Digital Age: a Review of Information Privacy Research in Information Systems. MIS Quarterly, 35(4), 1017. https://doi.org/10.2307/41409971
Beldad, A., de Jong, M., & Steehouder, M. (2011). I trust not therefore it must be risky: Determinants of the perceived risks of disclosing personal data for e-government transactions. Computers in Human Behavior, 27(6), 2233–2242. https://doi.org/10.1016/j.chb.2011.07.002
Chen, H.-T. (2018). Revisiting the Privacy Paradox on Social Media With an Extended Privacy Calculus Model: The Effect of Privacy Concerns, Privacy Self-Efficacy, and Social Capital on Privacy Management. American Behavioral Scientist, 62(10), 1392–1412. https://doi.org/10.1177/0002764218792691
Flew, T. (2021). Regulating Platforms. (pp. 101–103). Polity Press.
Hill, K., & Mac, R. (2021, November 2). Facebook, Citing Societal Concerns, Plans to Shut Down Facial Recognition System. The New York Times. https://www.nytimes.com/2021/11/02/technology/facebook-facial-recognition.html
Klosowski, T. (2020, July 15). Facial recognition is everywhere. Here’s what we can do about it. Wirecutter: Reviews for the Real World; The New York Times. https://www.nytimes.com/wirecutter/blog/how-facial-recognition-works/
Lively, T. K. (2021, December 1). Facial Recognition in the US: Privacy Concerns and Legal Developments. Www.asisonline.org. https://www.asisonline.org/security-management-magazine/monthly-issues/security-technology/archive/2021/december/facial-recognition-in-the-us-privacy-concerns-and-legal-developments/
Madzou, L., & Louradour, S. (2020). Building a governance framework for facial recognition. Biometric Technology Today, 2020(6), 5–8. https://doi.org/10.1016/s0969-4765(20)30083-7
Miethe, T. D., Dudinskaya, T., Forepaugh, C., & Sousa, W. H. (2023). Facial Recognition Technology in Policing: A National Survey of Public Support for This Technology and Privacy/Safety Concerns. Crime & Delinquency, 0(0). https://doi-org.ezproxy.library.sydney.edu.au/10.1177/00111287221150172
Norval, A., & Prasopoulou, E. (2017). Public faces? A critical exploration of the diffusion of face recognition technologies in online social networks. New Media & Society, 19(4), 637–654. https://doi.org/10.1177/1461444816688896
NSW Police Force. (n.d.). Facial Recognition – NSW Police Public Site. Www.police.nsw.gov.au. https://www.police.nsw.gov.au/crime/terrorism/terrorism_categories/facial_recognition
NTECH LAB. (2018, January 11). About indecent in the entertainment industry. NtechLab. https://ntechlab.com/blog/2018/01/11/on-obscene-issues-in-the-entertainment-industry/
NTECH LAB. (2022, November 11). Not only for theft prevention: video analytics for retail. NtechLab. https://ntechlab.com/blog/2022/11/11/not-only-for-theft-prevention-video-analytics-for-retail/
OAIC. (2023a, March 10). Clearview AI breached Australians’ privacy. OAIC. https://www.oaic.gov.au/newsroom/clearview-ai-breached-australians-privacy
OAIC. (2023b, March 10). What is privacy? OAIC. https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/what-is-privacy
Pesenti, J. (2021, November 2). An Update On Our Use of Face Recognition. Meta. https://about.fb.com/news/2021/11/update-on-use-of-face-recognition/
Ram, N., & Gray, D. (2020). Mass Surveillance in the Age of COVID-19. Journal of Law and the Biosciences, 7(1). https://doi.org/10.1093/jlb/lsaa023
Schneider, J. (2023, March 29). Clearview AI Has Scraped More Than 30 Billion Photos from Social Media. PetaPixel. https://petapixel.com/2023/03/29/clearview-ai-has-scraped-more-than-30-billion-photos-from-social-media/
Stempel, J. (2019, August 8). Facebook loses facial recognition appeal, must face privacy class action. Reuters. https://www.reuters.com/article/us-facebook-privacy-lawsuit-idUSKCN1UY2BZ