[HN Gopher] Clearview AI challenges B.C. privacy watchdog order
___________________________________________________________________
Clearview AI challenges B.C. privacy watchdog order
Author : arkadiyt
Score : 121 points
Date : 2022-01-25 16:50 UTC (6 hours ago)
(HTM) web link (www.piquenewsmagazine.com)
(TXT) w3m dump (www.piquenewsmagazine.com)
| imglorp wrote:
| We've created a mess of legal jurisdiction and geography that is
| difficult to reconcile with globally distributed systems.
|
| BC and Clearview both have a point. But which jurisdiction is in
| play? Is it the one where the person lives or where the picture
| was taken? Was it the company that took the picture, one of a
| dozen networks in play, the one that transmitted it to a server,
| or the one that aggregated it into a database, or the one that
| sold the data? There could be 20 countries involved.
|
| Laws really need to catch up to the tech which has far outpaced
| them.
| vkou wrote:
| > We've created a mess of legal jurisdiction and geography that
| is difficult to reconcile with globally distributed systems.
|
| It's easy to reconcile. If you want to operate in a
| jurisdiction, you are subject to that jurisdiction's laws, and
| legal injunctions. This is a very basic thing, on the level
| that a school-child can understand it. Just because you're
| operating using computers doesn't change a damn thing.
|
| When a jurisdiction tells you that you can't operate in it,
| unless you change your behaviour, you either change your
| behaviour, or stop operating in it. Or keep operating, and be
| treated by it like a criminal. Or appeal.
|
| If you don't like Canadian internet laws, don't do business in
| Canada. If you don't like Russian speech laws, don't do
| business in Russia, or plan a vacation in Leningrad. If you
| don't like Quebec language laws... Don't operate in Quebec.
|
| You're not entitled access to every market in the world, if you
| can't comply with their rules. If the rules are contradictory,
| pick the ones you care about more.
| Nextgrid wrote:
| > If you want to operate in a jurisdiction
|
| What defines "operating"? Does it mean you are physically
| based there? Your infrastructure being there? Your company
| registration? Your bank account? Etc.
|
| Back in the day these weren't problems in practice; for
| physical goods/services you typically were based in a single
| jurisdiction. If exporting goods, customs take care of it.
|
| The internet has no "customs" equivalent though, so you can
| very well be based in one jurisdiction and yet process
| personal data of residents of another. Sometimes you may not
| even know where the data subject actually resides.
| lmeyerov wrote:
| Less "what" and more "who"
|
| The jurisdiction decides, and you play by their rules... or
| leave
| 908B64B197 wrote:
| > What defines "operating"? Does it mean you are physically
| based there? Your infrastructure being there? Your company
| registration? Your bank account? Etc.
|
| For globally distributed businesses governments can and
| will target payment processors.
|
| > The internet has no "customs" equivalent though
|
| We can thank regulators for not understanding this
| "computer" thing. This environment gave the industry 20
| years of innovation. Nothing more depressing than dealing
| with custom and special snowflakes regulations (most of the
| time, to protect some local rent-seeker!).
|
| In this case, BC can do whatever it wants, they have no
| jurisdiction. They might as well claim ownership of the
| moon.
| adolph wrote:
| > What defines "operating"?
|
| If some aspect of an operation can be detained,
| expropriated, or extradited, now or in the future, then it
| operates in that jurisdiction. Otherwise it is just talk.
| Hence Assange is slowly on his way to the US; Snowden is
| just cold until the US has something to offer.
| vkou wrote:
| > What defines "operating"? Does it mean you are physically
| based there?
|
| Whether or not I do any business with anyone controlled by
| the jurisdiction.
|
| It's not a problem in practice.
|
| I can host a website that pisses on Putin in the United
| States. I have no intentions of ever going to Russia. I
| don't rely on any Russian services. A Russian may visit it,
| because, well, Russia has access to the internet. I may be
| breaking Russian law, but I don't care, because I'm not
| operating in Russia. Russia can tell their ISPs to block
| me, or can _ask_ for my host to cut me off. My host isn 't
| likely to comply, because it too, is unlikely to have ties
| to Russia.
|
| I put up an ad from a Russian company on it. I'm now
| operating in Russia, and Russia can shut that part of my
| business down, by forcing the Russian company to stop doing
| business with me. Once they do, I'm no longer operating in
| Russia.
|
| Some jurisdictions reach further than others. Russia (or
| Canada) has jurisdiction over its corner of the world, and
| little else. The United States has jurisdiction over a very
| large part of the world, because a lot of businesses that I
| would partner with have an American presence, and will
| comply with American requests. China is somewhere in the
| middle. Its reach extends somewhat beyond its borders, but
| doesn't straddle the world.
| danlugo92 wrote:
| Someone might be using a VPN as well...
| vkou wrote:
| If I run a liquor store in Florida, and a Saudi tourist
| visits it and buys a bottle of wine, that's not my
| problem. Saudi Arabia can't do anything to me, regardless
| of how many of their drug laws I'm breaking.
|
| If I start advertising my store in Saudi Arabia, or move
| my money into a Saudi bank, or visit their kingdom, then
| I'll have a problem. Because it _can_ do something to me.
| It can tell my business partners to cut me off, or seize
| my money, or, in the latter case, arrest me as a drug
| kingpin.
| criddell wrote:
| As long as subjects opt-in with their geographic
| information, the companies can protect themselves.
| krono wrote:
| Using a EU-citizen's picture for marketing purposes without
| their consent, if the picture was taken someplace where
| this is legal, sure.
|
| But that same picture should then not be used for that
| purpose in the EU where it's illegal.
|
| It's not dissimilar to how public drinking in The
| Netherlands would get me drunk, but doing the same in Saudi
| Arabia gets me 100 lashes.
| stefan_ wrote:
| I don't understand, the law is clear: _the set of all of
| those_.
| dogleash wrote:
| >Laws really need to catch up to the tech which has far
| outpaced them.
|
| None of this is new, or specific to tech, this is just how
| companies try to end-run the law.
|
| How exactly would you propose changing jurisdictional
| boundaries and/or rules? Subjecting people to more governments
| that are not the ones for the areas in which they're operating?
| Removing the ability for some local areas to have control over
| the business that occurs in it?
| kube-system wrote:
| The internet has always stretched through many different legal
| jurisdictions. It's tech companies who have decided that they
| can hide fugitive at the other end of a wire.
| Nextgrid wrote:
| > The internet has always stretched through many different
| legal jurisdictions.
|
| Back in the early days this wasn't a problem in practice
| because internet-based entities were operating in good faith,
| so even if the legal landscape was murky, nobody had a need
| to resort to it. This has now changed as companies are now
| acting in bad faith doing things many find reprehensible, and
| a legal precedent and/or a change in law is needed to
| effectively deal with those bad actors.
| wyre wrote:
| > This has now changed as companies are now acting in bad
| faith
|
| I wonder what the major impetus for the change has been. Is
| it akin to having a million monkeys guided by money on
| computers, eventually one of them will write code enabling
| a fascist internet?
| rory wrote:
| Sort of. Originally, it was just hackers making things on
| the internet. Now, it's the most popular way to make
| money in the world. So if there's a way to make money
| doing something reprehensible on the internet, someone
| reprehensible will find it and do it.
| rexarex wrote:
| I didn't expect to see this in the local Whistler newsmagazine.
| black-tusk wrote:
| Me neither, we're assured a good issue this Thursday
| donkarma wrote:
| they don't really have a product outside storing data, an amateur
| could scrape Facebook and do facial recognition and the only
| reason it hasn't happened yet is because of how expensive the
| storage would be
| octoberfranklin wrote:
| Actually scraping Facebook is really difficult. They have some
| of the most aggressive browser-fingerprinting out there.
| Archive.is gave up trying because their facebook accounts kept
| getting restricted, and each new account needed a new SIM card
| to sign up so they aren't free..
| Flankk wrote:
| You also don't have a right to make copies. That all changes
| if you purchase the data.
| amatecha wrote:
| Wait. Why "can't" Clearview comply with the order?
|
| Don't they know the identities of the people whose photos they're
| scraping and storing? Thus, don't they know if those people are
| Canadian or not?
|
| Or is Clearview just lazily scraping photos from the web etc. and
| storing whatever random username or pseudonym is attached to it,
| giving _that_ in search results? In which case, they should 1000%
| expect to be taken to task by jurisdictions all around the world
| for their gross overreach.
|
| Wait, plus, isn't the very premise of their business just 99.99%
| pure IP infringement? They don't even have the legal right to use
| images posted online just because they're accessible. They are
| protected by copyright unless CC or public-domain licensed...
| 6gvONxR4sf7o wrote:
| I would love clearview's business model and models like it to be
| illegal. All sorts of internet businesses claim that they can't
| know the provenance of their data and therefore can't comply with
| certain laws. They then argue that that means they shouldn't have
| to comply. It really should go the other way: if you can't
| comply, then your business is illegal.
| rory wrote:
| I agree with this sentiment in principal. In this particular
| case it gets a little hairy since the service is illegal in
| Canada, but the company is based in the USA and no longer
| accepting Canadian customers. I'm not sure what the line should
| be, but certainly we don't want a situation where any internet
| company can be shut down by any country that interacts with the
| internet.
|
| Of course, I also think we should make this business model
| illegal in any country. But that's a different thread.
| pomian wrote:
| Interesting to follow what happens. Great that there are still
| 'watch dogs' looking out for us. The answer from the company to
| the order from the commission: "those recommendations were
| impossible to execute." Imagine if a environmental commission
| ordered a company to stop polluting, and the company answered
| with those words!?
| donkarma wrote:
| very simple to execute if you cease operation
| wantsanagent wrote:
| Clearview is not an ethical or well motivated company. It's not
| surprising they are attacking any institution who wants them to
| respect rights which are anathema to their business model. It's a
| quintessential Thiel company and I would be overjoyed if they
| went out of business.
| toofy wrote:
| I don't know enough about Canadian IP law, but I assume they have
| protections for owners of images and maybe even for the subjects
| of the images.
|
| clearview claims they can't determine if a picture was taken in
| Canada or if the subjects are Canadian--if this is true, then
| they likely can't determine if they have any legal right to be
| using the images in the first place.
|
| It seems to me that the diligence should absolutely fall on
| clearview to determine if they're lawfully using these images in
| every jurisdiction. I know there are many jurisdictions around
| the world and each will have their own laws but I mean, come on,
| this is common practice for every company in existence. For them
| to claim "we can't follow the laws" is absurd.
| legalcorrection wrote:
| It's dubious for Canada to claim worldwide jurisdiction over
| pictures of Canadians. These two requests, that Clearview "cease
| collecting, using and disclosing images and biometric facial
| arrays collected from individuals in Canada" and "delete images
| and biometric facial arrays collected from individuals in Canada"
| sound like overreach.
|
| Certainly, they can prevent Clearview from doing business inside
| Canada. Maybe even from accessing Canadian servers (though that
| would be tricky to implement and enforce). But from using images
| posted by Canadians to international platforms? Doubtful.
| bawolff wrote:
| Its not that different from how eu claims that gdpr applies to
| all european citizens even if living abroad.
| legalcorrection wrote:
| Also of highly dubious legality. Would be interesting to see
| what would happen if an EU member state pursued damages on
| that angle and then tried to enforce the judgment in a US
| court. I would expect a US court would refuse to give it
| effect due to the other country exceeding the appropriate
| exercise of jurisdiction under international law.
| jabbany wrote:
| And this is part of the reason why places like China have
| things like the GFW. Because they know that the US would
| never cooperate with even relatively benign things like
| foreign privacy laws (let alone more controversial things),
| so best ban them from the domestic network altogether.
|
| PS: I have no intention of condoning the behavior of
| building censor networks like the GFW, but until there is
| some international court to adjudicate Internet
| jurisdiction cases, my prediction of the future is that
| there will be more and more countries adopting
| technological countermeasures and the Internet will be
| increasingly fragmented.
| wongarsu wrote:
| Countries enforce laws on people/organizations they don't
| have jurisdiction over all the time. Usually it ends up
| with the country not being able to do anything about it
| until the convicted is doing business in that country, has
| assets there or is stepping foot into it (in the case of
| organizations: when a representative goes to that country).
|
| Having another countries court enforce a judgement is the
| exception, it usually only happens if there's a treaty to
| that effect (like with copyright law).
| noah_buddy wrote:
| Legality at the root is what a nation or union of nations
| is able to enforce. Perhaps GPDR is not legal in the case
| law, but I see cookie banners on most sites I visit these
| days.
| lmkg wrote:
| That is literally the opposite of true.
|
| GDPR applies to individuals located in the European Union,
| and citizenship is not a factor. EU citizens have no GDPR
| rights while abroad, and conversely non-Europeans have GDPR
| protection while in the EU.
| 6gvONxR4sf7o wrote:
| They aren't claiming worldwide jurisdiction, right? That would
| be like them saying they'll force clearview to stop business in
| the US.
| legalcorrection wrote:
| My understanding is that they're claiming worldwide
| jurisdiction over Clearview's use of Canadians' pictures,
| such that Clearview letting a US client query their database
| for a picture of a Canadian would be contrary to the order.
| 6gvONxR4sf7o wrote:
| If a canadian takes a picture of a canadian in canada, for
| example, it's canadian jurisdiction. And so long as any
| consequences for breaking it are limited to canada as well,
| it seems like it's still just canadian jurisdiction. It's
| not like they're trying to extradite the CEO for what they
| did in the US, or provide any extra-canadian consequences,
| right?
| nickff wrote:
| You're talking about extending Canadian copyright rules
| internationally, which isn't how copyright works.
| Copyright varies a lot.
| eps wrote:
| Clearview is expected to not collect or use pictures of
| Canadians, presumably taken on the Canadian soil.
|
| That's a perfectly reasonable request.
|
| Just like Google is not allowed to provide street view of
| certain locations due to local privacy laws. Exact same
| thing here.
| nickff wrote:
| There's a bit of a hitch, as a photo can be legally
| taken, and legally transferred to a non-Canadian entity,
| at which point things get problematic. Canadian copyright
| and privacy rules don't usually apply to foreign
| entities.
| csdvrx wrote:
| As much as I dislike legal overreach in international
| matters, I agree: the pictures of Canadian individuals
| are likely to have been taken in Canada, or to come from
| Canadian sources or websites. The fact that they may have
| been shared with a US company (ex: Facebook, LinkedIn) is
| irrelevant: copyright etc. does not cease to exist when
| crossing a digital border. Some countries also have extra
| protections on top of copyright, like use right, certain
| rights you can't sign away, etc.
|
| Even worse: by being able to correlate that to Canadian
| individuals (using metadata or facial metrics, etc), the
| company can't pretend they don't know who these pictures
| are from, or where they come from: they know damn well,
| which makes the court requests limited scope even more
| acceptable.
|
| Also, claiming to be ignorant of Canadian law may not be
| a good excuse. They should have known, if only to start
| doing business there.
|
| Let's construct an equivalent: if in ISIS or Afghan
| territory, a terrorist group had scraped pictures of
| people living in the EU or US, and known by them to be
| "enemies of the caliphate" or something equivalent and
| that's it's totally A-OK within their legal system to
| publish that on a website say to call for their murder (I
| must confess my ignorance on these matters but you get
| the idea), we'd all say "no it's not". This is just the
| same. What's legal for us to do domestically with
| domestic pictures of citizens may not be legal to do
| somewhere else, and importing the pictures to do it
| domestically doesn't magically make it legal.
| jiveturkey wrote:
| Not that Clearview isn't disgusting, but they do seem to be in
| the right here.
| chmod775 wrote:
| If you cannot comply with Canadian laws, you cannot sell to, or
| operate in, Canada.
|
| I don't think Clearview AI has any employees in Canada, so what
| do they stand to gain from this lawsuit? Does that tiny startup
| have any customers of note there?
| monkeybutton wrote:
| Is the RCMP a customer of note?
| https://www.cbc.ca/news/politics/rcmp-clearview-ai-1.6060228
| mthoms wrote:
| The Canadian Security Intelligence Service (CSIS) is almost
| certainly a customer (though no-one will ever admit it).
|
| They could be the ones pushing Clearview to fight this in
| Canadian court.
| ecdouvhr wrote:
| I suspect they simply wouldn't care unless they actually fear
| repercussions from Canadian authorities. Whether those
| potential repercussions would be something to fear here and
| now, or if they simply want to keep the door open for potential
| future expansion, is not quite clear.
|
| On the other hand, the scraping/facial recogniton they do would
| also violate European privacy regulations, and it could be they
| feel a win in a similar case would come in handy if they ever
| decide to offer their services to European customers.
| avens19 wrote:
| This is my guess. They're worried about precedent. If this is
| allowed to stand it gives other jurisdictions a roadmap for
| how to shut this down
| brailsafe wrote:
| Yes. I can't quote anything on this, but they were in trials
| with major tourism companies at the very least. Probably
| lucrative enough on their own, but in terms of data collection
| as a resource, those contracts would be a gold mine.
| parasense wrote:
| I feel like this is a very common delusion, the expectation of
| privacy when going into public.
|
| It's like public photography. Some folks get really upset if
| their photo is taken out in public without consent, but those
| folks were out in public so zero expectation of privacy. Same
| exact thing for the Internet.
| vkou wrote:
| You're looking at the world through black and white, to the
| exclusion of all the shades of gray.
|
| Someone snapping a photograph of a busy street is one thing.
| Someone snapping a photograph of a busy street, with a focus on
| you, because you are doing something that looks inappropriate,
| out of context, is another. Someone following you around,
| taking video, from the moment you step out of your front door,
| to the moment that you step back through it is a third.
|
| That someone can be a stranger who doesn't know or care that
| you exist, a private individual with a deranged vendetta
| against you, who has threatened you with harm[1], a company
| that does this on a massive scale and aggregates data, a
| company that does this on a targeted, personal scale, a
| government agency that is lawfully investigating a crime, a
| government agency that is unlawfully acting out of
| vindictiveness, a government agency that is _lawfully_ acting
| out of vindictiveness...
|
| None of these things are the same, nor do they warrant the same
| "Oh, well, it's a public space, nobody owns it, everyone can do
| whatever they want."
|
| It's a public space. We _all_ own it. We _all_ get to determine
| what kind of behaviour is acceptable, and unacceptable in it.
|
| The solution to predators and bad actors in a public space is
| _not_ expecting that everyone who can afford it move more of
| their life into a private one. That 's how we lose our public
| spaces.
|
| [1] Depending on your jurisdiction, you may not have any
| particular recourse against that. Some locales really don't
| like handing out restraining orders... Or enforcing them, when
| they are broken.
| tkfu wrote:
| It might be a "common delusion" where you live (I'm guessing
| the US), but in every country I've lived in (n=6), it's an
| accurate understanding of basic privacy law. You can't just go
| and take someone's photo without their permission, even if
| they're in a public place.
| kube-system wrote:
| The amount of privacy one can expect in public is slightly more
| than zero, even in countries with very lax privacy law like the
| US.
| bbarnett wrote:
| https://educaloi.qc.ca/en/capsules/your-right-to-control-pho...
| chmod775 wrote:
| This is very similar to how it works in most western
| countries.
|
| You can photograph people in public all you want, but you
| cannot publish those without their permission.
|
| Blurring or the people not being in focus/center can allow
| you to do so without getting everyone's permission though
| (think of crowds, passersby in the background).
| [deleted]
| donkarma wrote:
| hope you don't mind my drone recording you and posting your
| location online at all times then
| brimble wrote:
| > U.S. 'mass surveillance' company
|
| Google? Facebook? Microsoft? Any cell phone company? Most ISPs?
| Any of the CRAs? Any credit card company? Any major bank? About a
| thousand companies most people have never heard of? Palantir?
|
| _Checks article_
|
| > Clearview AI
|
| OK. You really gotta specify in the headline. There are a _lot_
| of possibilities with that vague a description.
| ulrashida wrote:
| To customers: "Uncover leads, insights, & relationships you never
| knew existed."
|
| To regulators: "Where did all these pictures come from? It's
| impossible to say."
| dathinab wrote:
| Surprise, if you base you company on something which is illegal,
| or likely becomes illegal, you might no longer be able to comply
| with law without shutting down your company.
| azalemeth wrote:
| Is it possible to tell if Clearview has my face in their dataset?
| Legally, they have no right to and I would like to get them to
| remove it if they do - I am an EU citizen and they have no right
| to have my data. However, to ask them to do that requires
| emailing them ID and a headshot [1]!
|
| Does this seem silly, or deliberately obstructive?
|
| [1] https://www.clearview.ai/privacy-policy
| cakeface wrote:
| Is it possible for me to request that Clearview remove any
| pictures of myself that they have? I'd like to do that.
| dylan604 wrote:
| and how do they prove they did it in a way that makes you
| believe they did. Or how do you know that they didn't just use
| your request to confirm your identity? That's like clicking
| unsubscribe in SPAM.
| dEnigma wrote:
| I once stumbled upon a link to request my data according to the
| European GDPR, and did so. Never heard back though.
| towe12301923 wrote:
| > The commissioners found Clearview scraped images of faces and
| associated data from publicly accessible online sources
| (including social media) and stored it in its database.
|
| > What the commissioners recommended was that Clearview:
|
| > * cease offering facial recognition services to Canadian
| clients;
|
| > * cease collecting, using and disclosing images and biometric
| facial arrays collected from individuals in Canada, and;
|
| > * delete images and biometric facial arrays collected from
| individuals in Canada.
|
| > The company said those recommendations were impossible to
| execute.
|
| Clearview claims that they have stopped selling to Canadian
| clients but they don't know where the people in the images are
| from. Probably true if they're just scraping images, but their
| argument seems to be "innocence by ignorance".
|
| We don't usually allow that sort of argument in other areas.
| Stores cannot sell cigarettes/alcohol to minors and banks cant
| unknowingly launder money, and it is on them to make sure they
| collect enough data to comply with those laws. It may be hard or
| even impossible for Clearview to operate while following the
| law.. but maybe that just means they shouldn't.
| adolph wrote:
| _Clearview said its facial recognition search engine "compares
| user-provided images of faces to a database of images indexed
| from public web pages. The tool allows law enforcement and
| national security agencies to identify victims and perpetrators
| of crimes._
|
| How is this fundamentally different from Google image search?
| [0]
|
| Did Clearview do something to be investigated? The commission
| essentially claimed they read about the company in the news and
| decided to act based on that. [1] It seems odd that haven't
| they investigated Google for the same. [2]
|
| 0.
| https://www.google.com/search?tbs=sbi:AMhZZivCGA7FJZHmFkT5r4...
|
| 1. https://www.priv.gc.ca/en/opc-actions-and-
| decisions/investig...
|
| 2. https://www.priv.gc.ca/en/opc-actions-and-
| decisions/investig...
| reaperducer wrote:
| They can both be bad.
|
| You don't stop going after one criminal because there are
| others.
| adolph wrote:
| Seemingly neutral laws can be enforced inequitably or
| corruptly. A government that goes after the little guys and
| gives big cos a pass is illegitimate.
| vkou wrote:
| > A government that goes after the little guys and gives
| big cos a pass is illegitimate.
|
| A government that governs without consent of the governed
| is illegitimate. A government that governs inconsistently
| is not necessarily illegitimate. The legitimacy of a
| government is not determined by any particular small-
| large business axis. Viewing the world through that axis
| is not helpful in this case.
|
| And while we're at it, just because your government is
| unfair doesn't make it illegitimate. There are plenty of
| state governments[1] that were, and are incredibly unfair
| in their enforcement of their laws, but when they aren't
| actively stealing elections, I wouldn't call them
| _illegitimate_.
|
| [1] For a crystal-clear example, the south under Jim
| Crow. Unfair laws, unfair enforcement of laws, but I'd be
| hard-pressed to argue that many of those governments did
| not have the consent of most of who they governed.
| thaumasiotes wrote:
| > A government that governs without consent of the
| governed is illegitimate.
|
| This is not exactly a mainstream viewpoint.
|
| > For a crystal-clear example, the south under Jim Crow.
| Unfair laws, unfair enforcement of laws, but I'd be hard-
| pressed to argue that many of those governments did not
| have the consent of most of who they governed.
|
| But in the other direction, it's trivially easy to argue
| that many major governments did not have the consent of
| the governed. e.g. the Qing dynasty was hated by the
| Chinese people it ruled.
|
| The consent of the governed is not even a theoretically
| valid concept as applied to large groups. You rule
| through force.
| vkou wrote:
| You are correct, it's possible to further expand that
| definition of legitimacy, to include de-facto legitimacy
| (I am the guy in charge, I might be in charge because I
| rule through fear and force, but since I am the guy in
| charge, I am legitimate.)
|
| My point is that it doesn't make much sense to _contract_
| the definition of legitimacy. At a minimum, if a
| government has the consent of the governed, it is
| legitimate.
|
| If it does not, well, we can split hairs about whether or
| not being a warlord, a king, or some other kind of despot
| counts.
| mthoms wrote:
| >Clearview claims that they have stopped selling to Canadian
| clients but they don't know where the people in the images are
| from. Probably true if they're just scraping images, but their
| argument seems to be "innocence by ignorance".
|
| This part of their defence is outright laughable. What's the
| point of having this sort of database without the associated
| metadata?
| tablespoon wrote:
| > This part of their defence is outright laughable. What's
| the point of having this sort of database without the
| associated metadata?
|
| I'm not a fan of Clearview AI, but I understand it's still
| useful even for faces that aren't explicitly tied to an
| identity in the system, because the if the police know where
| the matched photo is from, they can do the legwork to fill in
| the missing details.
|
| I think one of the examples in an early article about it had
| the police feeding a suspect's face into it. The system found
| a match in the background of some photo taken at a trade show
| (the guy was working a both). It only knew the website the
| _photo_ was from, which allowed the police the identify the
| trade show, which allowed them to track down the people
| working at that booth to find their suspect.
| kurthr wrote:
| The point being... _they then know where it's from_, that's
| the metadata. If they know the trade show, then they know
| where and when it was, whether it was in Canada and whether
| they need to delete it.
| tablespoon wrote:
| > The point being... _they then know where it's from_,
| that's the metadata. If they know the trade show, then
| they know where and when it was, whether it was in Canada
| and whether they need to delete it.
|
| In most cases they probably only know the URL, and it's
| far from trivial (or even possible in a general case) to
| mechanically derive if photo was taken in Canada from
| that.
|
| Personally I hope they're forced to overshoot and delete
| far more than necessary to ensure compliance (e.g. only
| keep photos they can positively determine were taken
| _outside_ of Canada).
| f311a wrote:
| They don't, they just know the original URL. IIRC, they
| also scrape news websites and it's impossible to
| automatically and correctly detect the location of a
| person.
|
| Even if it's from a social network, you still can't be
| sure. Especially, if a photo have multiple persons.
| kurthr wrote:
| It is so impossible that it is the actual use case they
| are selling?
|
| " The system found a match in the background of some
| photo taken at a trade show (the guy was working a both).
| It only knew the website the photo was from, which
| allowed the police the identify the trade show, which
| allowed them to track down the people working at that
| booth to find their suspect."
| meowface wrote:
| Just as evidence I'm not defending them, I find their
| project totally unethical, and the owners and their
| associates are also highly involved with internet fascism
| and credential phishing (I know the source isn't the
| best, but I recommend reading the article):
| https://www.huffpost.com/entry/clearview-ai-facial-
| recogniti...
|
| With that said: the order is clearly impossible to
| execute. There's a huge difference between police
| clicking on a URL in a result and manually investigating
| to determine the location and having their system
| automatically determine the location of all photos and
| delete the ones that are in Canada.
| shkkmo wrote:
| > With that said: the order is clearly impossible to
| execute.
|
| It is clearly possible to execute, it would just require
| much higher costs per image that ClearView processes and
| the probable need for ClearView to avoid using any images
| that they can't verify the location of in am economical
| fashion.
|
| Saying it is "impossible" is different from saying that
| the costs of compliance would fundamentally change
| ClearView's business model.
___________________________________________________________________
(page generated 2022-01-25 23:00 UTC)