BCS, The Chartered Institute for IT, explains why abuses of facial biometric data means we need to get serious about safeguards
BCS, The Chartered Institute for IT, has warned against the rise of a ‘cavalier attitude’ by organisations using ‘flawed’ facial recognition technology to monitor crowds in public spaces.
Dr Bill Mitchell, Director of Policy at BCS says there is an unprecedented danger of the misuse of biometric data, including identity theft, because of a combination of flawed technology and a lack of ethical and rigorous safeguards around how that data is captured, stored and processed.
The top concerns expressed by IT professionals in consultations BCS have carried out over the last 18 months highlight the severe risks of biometric data misuse. These are:
- Poor data governance resulting in companies unable to effectively monitor how data is used, who is using the data, or where duplicates of data are stored, which may result in any unethical practice going undetected.
- Lack of diversity in product development teams leading to hard-wired unconscious bias in new products or services that are data-dependent.
- Using incomplete data to incorrectly infer personal characteristics.
- Allowing data to be improperly shared within organisations.
- Improperly aggregating data from different sources to infer personal characteristics.
- Incorrectly cleaning data
- Incorrectly restructuring data resulting in the wrong data being associated with an individual.
- Incorrectly merging different data pipelines from third parties.
- Not conducting proper due diligence to ensure correct provenance of data through the supply chain (which may well be offshored and distributed across different national jurisdictions).
- Using data analysis methodologies that are invalid in a particular context.
- Applying analytical models as part of decision-making processes that are poorly tested (including, for example, inappropriate Machine Learning based neural networks).
- Using invalid anonymisation techniques that do not provide enough protection against deanonymisation.
- Storing data insecurely so that it is at risk of being misappropriated.
Dr Mitchell says the feedback from these consultations has been quite clear: “Virtually every time we hear the same alarming worries about data governance practices. This directly links to worries about the current cavalier attitude to facial recognition technology. For instance, misappropriated facial biometric data could lead to opportunities for virtual doppelgängers, and poorly captured biometric data can lead to cases of mistaken identity that can have dire consequences that are hard to correct. Much of the concern has been focused on the immaturity of the technology. An even bigger concern is what your biometric data is used for, or rather misused for, once it’s been captured and added to a database.”
The concerns raised by the IT profession come after a series of recent revelations about the widespread use of facial recognition technology. This includes the release of a report by Big Brother Watch, a civil liberties and privacy campaigning organisation, that says there is a facial recognition ‘epidemic’ across privately owned sites in the UK. It says it has found major property developers, shopping centres, museums, conference centres and casinos using the technology. Also, the Information Commissioners Office, the UK’s privacy watchdog, has opened an investigation into the use of facial recognition cameras in a busy part of central London in Granary Square, close to King’s Cross station.
Dr Mitchell said: “All of this should mean we treat facial recognition technology with extreme caution.
For instance, in July 2019 the University of Essex published a report that found there have been ‘significant flaws’ in the way UK police forces have trialled AI-enabled facial recognition technology.
“If the police can’t get it to work properly, why should we assume that property developers, museums, or music festival organisers can make it work?”
Latest News from
A points-based immigration system should include a Skills Competency Framework to attract IT professionals into the UK19/02/2020 15:20:00
BCS responds to the government’s announcement on points based immigration system.
‘A positive step that will reassure parents and keep children safer’ - BCS responds to the appointment of Ofcom as online harms regulator12/02/2020 11:43:00
BCS surveyed (Jan 2018) 6,500 young people on their views about online safety, coinciding with a Government consultation on its Internet Safety Strategy.
Students reaching university unprepared for online harassment and extortion, IT ethics Professor warns11/02/2020 12:20:00
On the 17th Safer Internet Day, Andy Phippen – a Fellow of BCS, The Chartered Institute for IT, and Professor of Digital Rights at Bournemouth University – considers how well the guidance rightly given to children all year round is serving older age groups – including students and vulnerable adults.
AI risks having bias and discrimination ‘hard-wired’ in - BCS tells Standards in Public Life Report10/02/2020 13:20:00
A lack of diversity in teams developing artificial intelligence (AI) can lead to in-built bias and discrimination in its decisions says BCS, The Chartered Institute for IT - in a new report by a major government advisory body.
BCS’s response to Huawei announcement30/01/2020 14:33:00
Dr Bill Mitchell OBE, Director of Policy at BCS, The Chartered Institute for IT, yesterday responded to Huawei announcement.
BCS responds to the Information Commissioner's Office (ICO) Code of Practice to protect children's privacy online23/01/2020 15:20:00
The Age Appropriate Design Code (published 22 January) outlines 15 standards that online services should meet.
BCS response to the Royal College of Psychiatrists report on technology and mental health20/01/2020 11:11:00
Dr Bill Mitchell OBE, Director of Policy at BCS, The Chartered Institute for IT said: “We agree with the Royal College of Psychiatrists that access to data from social media firms is vital; it will give us the evidence on which to base future policy that keeps young people safe.
New FEDIP chief executive appointed14/01/2020 15:51:00
The Federation of Informatics Professionals (FEDIP) – the body leading on professionalism for the healthcare IT community – has appointed the former Director of the NHS Wales Informatics Service and Chief Information Officer, Andrew Griffiths, as the new chief executive of its management board.