Jun 1, 2014 by Natasha Lomas (@riptari)
The selfie phenomenon is undoubtedly making the NSA’s job easier by producing a mountain of tagged online data to feed its facial recognition algorithms.
A report in The New York Times, based on documents from 2011 obtained by the NSA whistleblower Edward Snowden, reveals that the US security agency’s reliance on facial recognition technology has grown significantly under the Obama administration — coinciding with a rise in popularity of taking and tagging self portraits on online social networks.
The newspaper reports that the agency has turned to new software to process the flood of images being included in digital communication including social media, email, messaging, videoconferencing and other types of online comms. The 2011 documents show that agency officials believe technological advances in facial recognition software could revolutionize the way the NSA finds intelligence targets around the world.
According to the documents, the agency intercepts “millions” of images per day — including about 55,000 “facial recognition quality images” — although it is not clear how many images the agency has amassed in total at this point. The NSA describes facial recognition technology as offering “tremendous untapped potential” for tracking intelligence targets.
As well as its own in-house facial recognition software, the documents cited in the report note that the NSA also relies on commercially available facial recognition tech, including PittPatt — a company owned by Google — to process the data it is harvesting.
Facial images, fingerprints and other identifiers are now considered just as important to the NSA as written and oral communications, according to the report.
The paper says the NSA’s use of facial recognition technology goes far beyond previously detailed efforts. Back in February it emerged that the NSA and UK spy agency GCHQ had run a joint program harvesting webcam imagery from Yahoo users, between 2008 and 2012, which included the collection of sexually explicit material.
While the NYT notes that the NSA does not have access to US state databases of drivers’ licenses or to passport photos of Americas (no such luck if you’re a foreigner of course), it’s likely that the mountain of tagged online data it can now sift through means it can obtain that intel on US citizens from other sources — such as, presumably, Facebook, Instagram et al.’s huge store of selfies.
“It’s not just the traditional communications we’re after: It’s taking a full-arsenal approach that digitally exploits the clues a target leaves behind in their regular activities on the net to compile biographic and biometric information [that can help] implement precision targeting,” a 2010 agency document notes.
An agency spokeswoman contacted by the NYT reporters declined to say whether it collects facial imagery of Americans from Facebook and other social media through means other than communications intercepts. But that ‘no comment’ speaks volumes.
Facial recognition software is about as big brother as technology gets right now. Facebook, which is of course already in possession of its own data mountain of tagged facial imagery, is hard at work perfecting its own facial recognition software, under an initiative called the DeepFace project. Back in March Facebook announced that DeepFace was nearing human levels of accuracy at identifying a face in a crowd (97.25% vs the average human score of 97.5%).
Such commercial efforts undoubtedly make the NSA’s job easier, since the more accurately tagged imagery Facebook has, the more data effectively becomes available for harvesting by the NSA. Especially as US privacy laws provide no express protection for facial recognition data, as the NYT report notes.
That said, an NSA spokeswoman notes that images are considered a form of communications content in the US, so the NSA would require court approval for imagery of Americans collected through its surveillance programs — in the same way that it does to read their emails or eavesdrop on their phone calls. However cross-border comms — where a US citizens might be emailing or texting an image to someone targeted by the agency overseas could be excepted. So it really depends who you are sending your selfie to, and where they live.
In Europe, Facebook switched off its ‘tag suggest‘ facial recognition algorithm-powered feature in 2012, as part of a settlement of an investigation into its transparency on user data and privacy conducted by Ireland’s Data Protection Commissioner.
That facial recognition-software powered feature remains in place for Facebook users elsewhere, including in the US, where the tedious process of manually tagging all your selfies can be speeded up with Facebook’s tech.
But that is, as it turns out, very likely more grist to the NSA’s mill.