Facebook Faces the Face

Facebook putting a bullet into its facial recognition system and deleting some 1 billion faceprints is exciting news on multiple levels.

It's a clear victory for privacy advocates out there. So many of us are in that facial recognition dragnet of surveillance, whether we’re a Facebook user or not.

It should also be recognized that this is likely fallout from the deluge of unintended Facebook disclosures of their confidential business data and strategies. Targeting six-year olds as teenagers retreat from Facebook might be the most recent, but it’s probably also the creepiest.

And like a boxer wobbling on their feet after a few hard punches to the face, one can't neglect to mention the massive outages.

Facebook is looking for its sea legs and can't seem to find them.

For the privacy fans out there, it's all great news. The less large tech can proudly flout their prolific data collection the better. Maybe now the banter about ordinary people enjoying the collection of their most intimate data can slow down.

It also shakes the notion that more surveillance is inevitable, and should be accepted as fact. But shaking notions doesn't mean surveillance is coming to a screeching halt. It does mean that those who gleefully point to some 1984-esque future may not be right.

Let me say it one more time with feeling: a dystopian surveillance society isn't inevitable. History doesn't move in any sort of linear fashion. If you think otherwise, your historical memory is short, and your grasp of history's dynamics is weak.

Until 1990, East Germany's notorious Stasi secret police probably presided over the most surveilled society before the modern era of digital collection. Sure, there were digital tools involved, but when some 2 million people out of a population of around 17 million were involved in state surveillance on some level of another, one can imagine that such surveillance can feel worse than anything we encounter today. Children snitching on their parents, cousins snitching on each other is inevitable at that scale, and it should not provoke warm fuzzy feelings.

That state-led surveillance was aimed at keeping opposition in check. But seemingly overnight, that regime collapsed despite comprehensive surveillance-informed repression.

Of course many of the Stasi’s informers received compensation on some level or another. Today the surveilled actually pay for their own surveillance through cell phone purchases along with cellular and internet service provider monthly fees. Not everything is better about surveillance today versus in East Germany.

But it's critical to recognize that there is an incessant war between surveillance and counter-surveillance. That war didn't start yesterday, and it won’t be over tomorrow.

To dive a bit more into what Facebook actually did, consider that data collected for facial recognition is not merely to catalog everyone's face. Real AI models aren't about collecting data for the sake of collecting data. You just need a lot of data storage for that, not AI. AI is supposed to be beyond just a huge collection of data, and real AI should be capable of drawing conclusions on its own. That data is for training the AI model.

There’s not much intelligent about AI if it’s just referencing a large database of information it’s referencing. That’s just a lookup on a mass scale, not intelligence.

If Facebook has (had?) the facial data on one billion of the eight billion people on Earth, that's a lot. At ClearOPS we do a lot of natural language processing, and to have 12.5% of all completed security questionnaires that exist in the world, 12.5% of every single domain's public data points... well, that would really be game changing for us.

To take that point to more cynical level, I’ll quote a collaborator of mine in the privacy enhancing technology community: maybe "the model is just done being trained," and they don't need that facial data anymore?

George is a co-founder and CTO of ClearOPS. By trade, George is a systems administrator out of BSD Unix land, with long-time involvement in privacy-enhancing technologies. By nature, he thrives on creating unorthodox solutions to ordinary problems.

ClearOPS offers knowledge management for privacy and security ops data that is turned into information that can be used to respond to security questionnaires and conduct vendor monitoring. Do you know who your vendors are?