Most of the commentary on Facebook’s new face-recognition strategy has been negative, with many folks posting instructions on how to opt out. I, on the other hand, think that Facebook may have come up with a great strategy for cutting the Gordian Knot on this thorny privacy problem.
Face recognition is here to stay. My question is whether to pretend that it doesn’t exist, and leave its use to government agencies, repressive regimes, marketing data mining firms, insurance companies, and other monolithic entities, or whether to come to grips with it as a society by making it commonplace and useful, figuring out the downsides, and regulating those downsides.
This is part of my general thinking about privacy. We need to move away from a Maginot-line like approach where we try to put up walls to keep information from leaking out, and instead assume that most things that used to be private are now knowable via various forms of data mining. Once we do that, we start to engage in a question of what uses are permitted, and what uses are not.
Overall, I think our privacy regimes need to move to a model similar to that applied to insider trading. It’s not possession of secret information that is criminalized; it is misuse of that information to take advantage of the ignorance of others.
Google and others have shied away from releasing web-based products that include face recognition technology because of privacy concerns (though both Apple’s iPhoto and Google’s Picasa apply it to photos stored on your local hard drive and under your control). No one wants to take the arrows or the possible legislative and/or regulatory scrutiny that may ensue.
What I like about Facebook’s approach is that they aren’t using the technology to actually tag people in photos; they are using the technology to alert people on your friend list that you might have appeared in a photo, and relying on those people to add the tags. This modified approach will result in better data, but also may mute just enough criticism that users will come to accept it.
When it comes to privacy, putting our head in the sand about what’s already possible with data mining and machine learning (and what will become even more possible with every passing year) is short-sighted. Unless we’re prepared to ban face recognition technology outright, having it available in consumer-facing services is a good way to get society to face up to the way we live now. Then the real work begins, to ask what new social norms we need to establish for the world as it is, rather than as it used to be.