Commentary

Privacy Advocates And Industry Unable To Agree On Rules For Faceprints

In December of 2013, the National Telecommunications Information Administration announced an ambitious plan to convene privacy advocates and industry representatives in order to forge a consensus on privacy standards for facial recognition technology.

That effort suffered a big blow today, when a coalition of privacy groups walked out of the talks.

“At this point, we do not believe that the NTIA process is likely to yield a set of privacy rules that offers adequate protections for the use of facial recognition technology,” the groups said in a statement issued today.

The move came just days after a meeting at which privacy advocates and industry representatives were unable to agree on key privacy principles. The departing organizations include the Center for Democracy & Technology, the Center for Digital Democracy, the Consumer Federation of America, the Electronic Frontier Foundation, the American Civil Liberties Union, Consumer Action and Consumer Watchdog.

An NTIA spokeswoman reportedly said today that the agency “will continue to facilitate meetings on this topic for those stakeholders who want to participate.”

The major point of contention between the advocates and businesses concerns whether companies should ever obtain people's explicit consent to identify them via facial recognition technology.

The privacy advocates say that affirmative consent should be required in some circumstances. “At a base minimum, people should be able to walk down a public street without fear that companies they’ve never heard of are tracking their every movement -- and identifying them by name -- using facial recognition technology,” the privacy groups stated today.

But the industry representatives didn't think companies should ever be required to obtain people's permission before deploying facial recognition technology, according to the advocates.

“At last Thursday’s meeting, the group failed to achieve agreement on any scenarios where facial recognition would only be used with consent,” Justin Brookman, director of consumer privacy at the Center for Democracy & Technology, writes today in a blog post.

The digital rights group Electronic Frontier Foundation adds that requiring opt-in consent “is not an outlandish goal.” That group points out that Europe and two states -- Illinois and Texas -- already require that companies obtain consumers' consent before building a database of faceprints. Facebook currently is facing a class-action lawsuit in Illinois for allegedly violating that state's law.

This isn't the first time that advocates and industry officials have been at odds over privacy standards. For years, the Internet standards group World Wide Web Consortium tried to forge an agreement between industry groups, computer scientists and advocates about how to interpret “do-not-track” requests that consumers send through their browsers. That effort, which is still ongoing, saw the defections of some privacy advocates as well as the industry organization Digital Advertising Alliance.

Next story loading loading..