Is facial ID dystopian or cool?
IS the new iPhone’s facial recognition system inspired or creepy? Assuming it becomes a new industry standard (like other iPhone features), are we facing a
Minority Report style future with facial scans becoming a new currency?
Will supermarkets recognise us at the door? Will companies replace smart cards with facial scans for employees? Will countries seek to incorporate it into future passports?
In case you missed it, the key feature of the new iPhone X (pronounced iPhone ten, according to Apple) is that it replaces the home button with a facial recognition system based on 3D cameras and infrared technology. Matched with a powerful new computer processor, the ‘Face ID’ system can detect 30,000 different points on a human user’s face in light or darkness.
Once recorded, your face is used to unlock the phone or perform other functions previously done by the (now replaced) ‘home’ button. This includes downloading apps and making payments in shops: an Apple Pay transaction in a Centra or a Spar will now be completed by looking at your iPhone X instead of using the fingerprint Touch ID system.
Wearing a hat or growing a beard doesn’t stop it, either. Nor does wearing glasses (unless they’re very dark), gaining weight or ageing. And it can’t be fooled by high definition photos of your face, because a photo is flat and Apple’s cameras measure the depth of your facial features.
Indeed, Apple says that the chances of the system being fooled are a million to one. (It admits that an identical twin might get past its security.)
Some have already worried that a switchover to facial recognition as a phone’s gatekeeper technology might make it easier for police or muggers to force access to a handset. This seems unlikely, as there is scarcely less intimidation in forcing someone to look straight a phone with eyes wide open (it doesn’t work if your eyes are closed) than in just taking their finger and placing it against the Touch ID sensor.
But a bigger question arises out of what facial recognition might mean for how we are processed in our everyday lives.
If Apple’s technology turns out to be as reliable as it promises, it would seem impossible that the system will stay limited to phones — or Apple’s products — alone.
Public and private organisations have many potential uses for reliably accurate face recognition software. Some of them may be useful, some are undoubtedly dystopian.
The immediate issue is databases. Apple says that there will be no database of facial recognition scans, that all of the facial data will stay on the user’s phone, fully encrypted and never uploaded to an internet server.
To be fair, the company has a decent record on this. It has waged high-profile, fractious battles against both its own country’s security services (the FBI) and those abroad (UK prime ministers David Cameron and Theresa May) on the subject of softening its iPhone encryption standards.
But that’s one company. This technology won’t stay siloed with Apple (or Samsung, which has also deployed its own version).
Do we really think that Google or Facebook, whose businesses are wholly dependent on gathering and using personal information as a basis to make money, won’t try to make a super database of some sort from peoples faces? And who else will then get in on the act?
Biometric data identification systems for employees is already in increasing use by companies here in Ireland.
It has even been the subject of a complaint — and a subsequent ruling in favour of the company — with the Data Protection Commissioner here. In this year’s annual report, Helen Dixon found that biometric information such as a fingerprint (or, presumably, a facial scan) can be requested by company security staff for entry into the building. The only qualifier, she said, was that the company must make clear what the biometric data is for and how long it will be retained.
Supermarket chains have long experimented with trials of ‘gaze tracking’ software that seek to know more about what products you look at and where you linger on the shop’s premises. Being able to fully identify someone when they walk in could be valuable for deeper marketing purposes.
What’s more, it’s not clear how much people would object to it.
What if Tesco or SuperValu offered you 10pc off everything in your weekly shop in exchange for recognising you (and, possibly, what you buy) when you entered their premises?
I suspect many would take up that offer. Privacy campaigners talk about commercial facial recognition being a black and white issue, but the wider public may have a different view.
The reality is that most of us have already crossed a privacy threshold in our lives because of Facebook, Google, Twitter, Amazon, Instagram and other online services that have become a cornerstone of our daily existence.
As for physical surveillance, widespread acceptance of CCTV cameras and phone-tracking software may have worn down the instinctive urge to recoil from such deployments.
Indeed, it seems inevitable that security forces, police and border control systems won’t be able to resist the availability of new face detection tech to help them fight crime and terrorism. In doing so, they will expand on the general database of people’s faces they already possess.
Proponents of this expansion will argue that upgrading to better cameras and systems may cut down on the alarming rate that police are wrongly misidentifying — and even arresting — suspects based on crude face-detection software they currently have.
But given how data breaches are now almost inevitable at practically every organisation, what will a mass breach of a facial recognition database look like?
Apple has a decent record on privacy. But popularising this technology may have unforeseen consequences.