Discussion about this post

User's avatar
James Grimmelmann's avatar

There is a clear and simple distinction between the use cases you are worried about — Clearview-style "who is this person?" — and the use cases you want to preserve for the general public — "a face recognition feature that only works within a single user’s photo library." It's the difference between identifying someone you don't know from a photo and identifying a photo of someone you already know.

This distinction leads to a technical basis for legislation. Facial recognition is safer when *the user brings the dataset* of faces to match against but very dangerous when *the app brings the dataset*. So a face-recognition law could prohibit recognition against an app-supplied database except by law enforcement with a warrant, but allow apps to perform recognition against a user-supplied dataset (perhaps limited to some reasonable size of number of images or number of distinct people the app can identify). This would allow companies to create sophisticated models that are good at face recognition in general, but which do not have specific identified faces embedded in them. Instead, the models could be fine-tuned on an individual user's photos. Apple, for example, does face recognition on-device. (https://machinelearning.apple.com/research/recognizing-people-photos)

Expand full comment
Yaakov Saxon's avatar

Just on your early point re captchas, the writing has been on the wall for some time (also existing algorithms can already do quite a good job on captchas, not to mention services that just farm out the task to human workers).

Google has released v3 of their widely used ReCaptcha service and notably, it does not actually use captchas. It takes the algorithms they’ve built to determine whether someone is likely to be a bot from their browser session context (or something like that) which previously were used to decide whether a captcha was necessary or not, and makes that risk score alone into the entire product. It won’t serve you a captcha if you exceed the score threshold, it just won’t let you in at all.

Expand full comment
23 more comments...

No posts