Facial recognition provider Clearview AI is facing a joint privacy investigation by the U.K. and Australia that centers on the scraping of social media platforms for available images.
Data Privacy
Technological development has always outpaced privacy concerns, but never more so than in the past decade. Collection and centralization of personally identifiable information (PII), tracking of movements and digital surveillance are all at unprecedented levels. Regulations and laws are only just beginning to catch up to the ability of both governments and private entities to deploy these capabilities.
What exactly is there to worry about? The mass collection and centralization of data by giant multinationals such as Facebook and Google is as good of a place to start as any. Two decades of vacuuming up the personal data of users of various online services has created the most impressive marketing capabilities in history, but these profiles have astounding potential for damage when they are used the wrong way or fall into the wrong hands.
Unauthorized information that is captured in data breaches tends to find its way to massive “combo lists” that are sold and traded on the dark web. Social security numbers are added from this breach, home addresses and phone numbers from that one, personal health information from yet another. Soon, a frighteningly complete profile of millions of individuals is available to anyone willing to pay the asking price.
These are just the established data privacy issues. The emerging ones are even worse. High-quality facial recognition technology is just beginning to roll out across the public places of some countries. Artificial intelligence is not only making mass facial recognition possible, but magnifies the power and reach of any application that involves capturing and sorting information: scanning pictures, analyzing speech, sifting through text and location data. This threatens to not only shatter anonymity and privacy, but allow for highly advanced impersonation and take the concept of “identity theft” to new levels.
Some businesses chafe at the trouble and added expense of new and emerging data privacy regulations, but they are vital to both protecting rights and privacy and instilling confidence in end users. Customers want to be able to submit their payment information without worry about data breaches and identity theft, use services without wondering what is being done with their personal information and use devices without fear of surveillance or having location data tracked. The need for meaningful safeguards only grows greater as technological capabilities increase.
Facebook CRO David Fischer declared that ad-supported services were "under assault" due to Apple privacy changes and that platforms depending on advertising revenue would be disproportionately damaged.
Swiss banking secrecy laws began to see significant erosion in 2018, and are facing another substantial blow as the country's government is proposing to allow its spy agency to monitor financial transactions.
EU is trialling facial recognition technology through ADDS, Automatic Deception Detection System, which will use AI to assess visitors’ facial expressions and behavior before granting entry permit.
New iOS 13 will limit VoIP apps from running in the background and thus close a loophole that allows third-party apps to exploit background access to collect data on users.
A controversial SDK used for location tracking remains present in hundreds of Android apps, in spite of bans. Data broker X-Mode's tracking software was forbidden from use in the world's two major app stores in 2020.
Deloitte foresees a collection of privacy enhancing technologies battling to become a new ad tech standard that ensures compliance with evolving global data protection regulations while reducing a seemingly inevitable blow to revenues as much as possible.
A temporary moratorium on the use of facial recognition technology in state schools is now a matter of law in New York, following the conclusion of a study that found that potential rights violations outweighed the safety benefit.
About half of all organizations are struggling to fill both technical and legal & compliance roles that require privacy skills, with about 3/4 anticipating a need to add both in 2022.
The privacy agreement consists of a list of "shared principles" drawn from "commonalities" in existing national laws, even though some OECD signatories have limited or no data privacy laws at the national or federal level.