ICO Investigation Into Police Use of Facial Recognition Technology

ICO head Elizabeth Dunham is reported to have launched a formal investigation into how police forces use facial recognition technology (FRT) after high failure rates, misidentifications and worries about legality, bias, and privacy.

Concerns Expressed In Blog Post In May

In a blog post on the ICO website back in May, Elizabeth Dunham expressed several concerns about how FRT was being operated and managed. For example, although she acknowledged that there may be significant public safety benefits from using FRT, Elizabeth Dunham highlighted concerns about:

  • A possible lack of transparency in FRT’s use by police and how there is a real risk that the public safety benefits derived from the use of FRT will not be gained if public trust is not addressed.
  • The absence of national level co-ordination in assessing the privacy risks and a comprehensive governance framework to oversee FRT deployment.  This has since been addressed to an extent by an oversight panel, and by the appointment of a National Police Chiefs Council (NPCC) lead for the governance of the use of FRT technology in public spaces.
  • The use and retaining of images captured using FRT.
  • The need for clear evidence to demonstrate that the use of FRT in public spaces is effective in resolving the problem that it aims to address, and that it is no more intrusive than other methods.

Commissioner Dunham said that that legal action would be taken if the Home Office did not address her concerns.

Notting Hill Carnival & Football Events in South Wales

Back in May 2017, South Wales and Gwent Police forces announced that it would be running a trial of ‘real-time’ facial recognition technology on Champions League final day in Cardiff. In June, the trial of FRT at the final was criticised for costing £177,000 and yet only resulted in one arrest of a local man whose arrest was unconnected.

Also, after trials of FRT at the 2016 and 2017 Notting Hill Carnivals, Police faced criticism that it was ineffective, racially discriminatory, and confused men with women.

Research

Recent research by the University of Cardiff, which examined the use of the technology across a number of sporting and entertainment events in Cardiff for over a year, including the UEFA Champion’s League Final and the Autumn Rugby Internationals found that for 68% of submissions made by police officers in the Identify mode, the image had too low a quality for the system to work. Also, the research found that the locate mode of the FRT system couldn’t correctly identify a person of interest for 76% of the time.

What Does This Mean For Your Business?

Businesses use CCTV for monitoring and security purposes, and most businesses are aware of the privacy and legal compliance aspects (GDPR) of using the system and how /where the images are managed and stored.

As a society, we are also used to being under surveillance by CCTV systems, which can have real value in helping to deter criminal activity, locate and catch perpetrators, and provide evidence for arrests and trials. It is also relatively common for CCTV systems to fail to provide good quality images and / or to be ineffective at clearly identifying persons and events.

With the much more advanced facial recognition technology used by police e.g. at public events, there does appear to be some evidence that it has not yet achieved the effectiveness that was hoped for, may not have justified the costs, and that concerns about public privacy may be valid to the point that the ICO deems it necessary to launch a formal and ongoing investigation.

Make Skype Calls Through Your Amazon Echo

On Monday, the Microsoft Skype blog announced that Skype calling is now available on Amazon Alexa devices using a simple voice command and that Alexa customers can now call most landlines and mobiles internationally using Skype, as well as benefitting from 200 free minutes of Skype to call 34 countries.

Can Already Make Calls

Many Amazon Echo / Echo Plus and Echo Dot users may already be used to making calls via their Echo. Last year, Alexa-to-Alexa calls from compatible devices were enabled e.g. calling another Echo from your Echo by saying “Call (John’s) Echo”.  Also, Echo Connect combined with a user’s landline or VoIP service has enabled compatible Echo devices to call any number supported by a user’s home phone service provider e.g. contacts by name, specific mobile numbers, and by saying the individual digits of a full phone number.

How To Set Up Skype Calls On Your Alexa Device

Amazon Echo users can set up Skype calling by :

– Opening the Amazon Alexa app (the same one used to set up the Echo in the first place)

– Going to ‘Settings > Communication > Skype’

– Signing-in using the same account used for Skype

How To Make A Call Via Skype

According to the Microsoft Skype blog, once Skype has been set up on the Amazon Echo, (using an example) making a completely hands-free call should be simply a case of saying, “Alexa, call Mum on Skype.”

The new Skype call service via the Echo is being rolled out in the U.S, U.K., Ireland, Canada, India, Australia, and New Zealand.  The addition of the new feature is also being supported by a price drop in the Echo.

Video Calls With Echo Show / Spot Display-Based

The hook up with Skype also means that although speaker-only Echo devices can only make audio Skype calls, an Echo Show or Echo Spot display-based device should be able to make video calls using Skype.

It should also now be possible to make Skype calls via the Echo to other Skype-enabled devices e.g.  PCs, smartphones, or even an Xbox One console. SkypeOut also means that calls can be made to mobile and landline numbers.

What Does This Mean For Your Business?

Amazon is already the market leader (41% market share) of global smart speaker shipments, ahead of Google at 28% (Strategy Analytics data).  There is fierce competition in the huge and growing smart speaker market e.g. one-quarter to one-third of the U.S. population already owns a smart speaker, and the global number of installed smart speakers may more than double to 225 million units in two years (Canalys).  Amazon is trying to make its smart speakers as ubiquitous as possible e.g. at home, at work and in the car, and adding feature like this may make it even more attractive to customers, particularly at the season where sales are likely to be high, and where sales are already being supported by a price drop for Echo devices.  More sales of Amazon Echo devices could also mean that voice shopping on Alexa could potentially generate more $5 billion+ per year in revenue by 2020.

For users of Amazon’s Alexa smart speaker devices, the promise of easy, hands-free Skype calls could be another value-adding feature to tempt them to buy an Amazon smart speaker instead of others such as Sonos, or Google Home.

Facial Recognition For Buyers Of Alcohol & Cigarettes

A pilot scheme involving NCR, the US self check-out machine maker for Asda, Tesco and other UK supermarkets, and Yoti’s digital identity app will use an integrated camera linked to facial recognition software to help improve, simplify and speed up age approval at self check-outs.

Speed & Frustration Reduction

The system is intended to tackle problems such as frustration and delays caused when customers wait for approval when buying alcohol at self check-outs, challenges faced by supermarket employees who have to determine a shopper’s age and either accept or deny them a sale of alcohol or cigarettes, and to help the supermarket to stay on the right side of the law.

How Will The System Work?

An AI-equipped camera will be integrated in the vicinity of the checkout and the facial recognition software will use AI to help it estimate the age of shoppers when they are buying age-restricted items. The Yoti app does, however, require a customer to register their ID and face with the company beforehand.

What About Privacy and Data Security?

Wherever facial recognition software is used, there are always concerns about how the processing and storage of those images (that count as personal data under GDPR) is managed in terms of privacy and security. Yoti is reported to have said that its system will not retain any visual information about users after they have made a purchase.

Where and When?

There are no confirmed details as yet about exactly which supermarket(s) will be involved in the pilot, although some media reports appear to indicate that Tesco, Morrisons and Asda could be the most likely candidates for piloting the technology at some point later this year.

Face Scanning Used For Adverts

A face-scanning system, made by Lord Alan Sugar’s company Amscreen, is known to have been used already by Tesco at petrol station tills in order to target advertisements at customers depending on their estimated age.

What Does This Mean For Your Business?

Anything that reduces customer frustration, as well as speeding-up and simplifying the passage through tills, and leveraging staff resources through saving them from having to constantly go to different tills to approve purchases is likely to be good news for the supermarkets. If this system proves to be effective, accurate and successful, it could have many other opportunities for use in other age-restricted services e.g. venue / event entry, and the purchase of certain dangerous / restricted products, and the gambling industry.

While it may make perfect economic and practical sense for companies to use this kind of system, it could be a double-edged sword with some customers. For example, whereas some customers may see the practical and responsible side of the system, others may consider it an unnecessary intrusion with the potential to impact on their privacy and security.

Ubicoustics Overhears Everything You Do … And Understands

Researchers in the US have presented a paper based on their research that identified a real-time, activity recognition system capable of interpreting collected sounds that could well be used by home smart speakers.

Identify Other Sounds, and Issue Responses

Researchers at Carnegie Mellon University in the US claim to have discovered a way that the ubiquity of microphones in modern computing devices, and software that could use a device’s always-on built-in microphones could be used to identify all sounds in room, thereby enabling context-related responses from smart devices. For example, if a smart device such as an Amazon Echo were equipped with the technology, and could identify the sound of a tap running in the background in a home, it could issue a reminder to turn the tap off.

Ubicoustics

The research project, dubbed ‘Ubicoustics’, identified how using an AI /machine learning based sound-labeling mode, drawing on sound effects libraries, could be linked to the microphone (as the listening element) of a smart device e.g. smart-watches, computers, mobile devices, and smart speakers.

As Good As A Human

The sound-identifying, machine-learning model used in the research system was able to achieve human-level performance in recognition accuracy and false positive rejection. The reported accuracy level of 80.4%, and the misclassification level of around one sound in five sounds, means that it is comparable to a person trying to identify a sound.

As well as being comparable to other high-performance sound recognition systems, the Ubicoustics system has the added benefit of being able to recognise a much wider range of activities without site-specific training.

Applications

The researchers noted several possible applications of the system used in conjunction with smart devices e.g. sending a notification when a laundry load finished, promoting public health by detecting frequent coughs or sneezes and enabling smart-watches to prompt healthy behaviours after tracking the onset of symptoms.

Privacy Concerns

The obvious worry with a system of this kind is that it could represent an invasion of privacy and could be used to take eavesdropping to a new level i.e. meaning that we could all be living in what is essentially a bugged house.

The researchers suggest a potential privacy protection measure could be to convert all live audio data into low resolution Mel spectrograms (64 bins), thereby making speech recovery sufficiently difficult, or simply running the acoustic model locally on devices so no audio data is transmitted.

What Does This Mean For Your Business?

The ability of a smart device to be able to recognise all sounds in a room (as well as a person can) and to deliver relevant responses could be valued if used in a responsible, helpful, and not an annoying way. It doesn’t detract from the fact that, knowing that having a device with these capabilities in the home or office could represent a privacy and security risk, and has more than a whiff of ‘big brother’ about it. Indeed, the researchers recognised that people may not want sensitive, fine-grained data going to third-parties, and that operating a device with this system but without transmission of the data could provide a competitive edge in the marketplace.

Nevertheless, it could also represent new opportunities for customer service, diagnostics for home and business products / services, crime detection and prevention, targeted promotions, and a whole range of other possibilities.

New Tech Laws For AI Bots & Better Passwords

It may be no surprise to hear that California, home of Silicon Valley, has become the first state to pass laws to make AI bots ‘introduce themselves’ (i.e. identify themselves as bots), and to ban weak default passwords. Other states and countries (including the UK) may follow.

Bot Law

With more organisations turning to bots to help them create scalable, 24-hour customer services, together with the interests of transparency at a time when AI is moving forward at a frightening pace, California has just passed a law to make bots identify themselves as such on first contact. Also, in the light of the recent US election interferences, and taking account of the fact that AI bots can be made to do whatever they are instructed to do, it is thought that the law has also been passed to prevent bots from being able to influence election votes or to incentivise sales.

Duplex

The ability of Google’s Duplex technology to make the Google Assistant AI bot sound like a human and potentially fool those it communicates with is believed to have been one of the drivers for the new law being passed. Google Duplex is an automated system that can make phone calls on your behalf and has a natural-sounding human voice instead of a robotic one. Duplex can understand complex sentences, fast speech and long remarks, and is so authentic that Google has already said that, in the interests of transparency, it will build-in the requirement to inform those receiving a call that it is from Google Assistant / Google Duplex.

Amazon, IBM, Microsoft and Cisco are also all thought to be in the market to get highly convincing and effective automated agents.

Only Bad Bots

The new bot law, which won’t officially take effect until July 2019 is only designed to outlaw bots that are made and deployed with the intent to mislead the other person about its artificial identity for the purpose of knowingly deceiving.

Get Rid of Default Passwords

The other recent tech law passed in California and making the news is a law banning easy to crack but surprisingly popular default passwords, such as ‘admin’, ‘123456’ and ‘password’ in all new consumer electronics from 2020. In 2017, for example, the most commonly used passwords were reported to be 123456, password, 12345678 and qwerty (Splashdata). ‘Admin’ also made number 11 on the top 25 most popular password lists, and it is estimated that 10% of people have used at least one of the 25 worst passwords on the list, with nearly 3% of people having used the worst password, 123456.

The fear is, of course, that weak passwords are a security risk anyway, and leaving easy default passwords in consumer electronics products and routers from service providers has been a way to give hackers easier access to the IoT. Devices that have been taken over because of poor passwords can be used to conduct cyber attacks e.g. as part of a botnet in a DDoS attack, without a user’s knowledge.

Password Law

The new law requires each device to come with a pre-programmed password that is unique to each device, and mandates any new device to contain a security feature that asks the user to generate a new means of authentication before access is granted to the device for the first time. This means that users will be forced to change the unique password to something new as soon as the device is switched on for the first time.

What Does This Mean For Your Business?

For businesses using bots to engage with customers, if the organisation has good intentions, there should not be a problem with making sure that the bot informs people that it is a bot and not a human, As AI bots become more complex and convincing, this law may become more valuable. Some critics, however, see the passing of this law as another of the many reactions and messages being sent about interference by foreign powers e.g. Russia, in US or UK affairs.

Stopping the use of default passwords in electrical devices and forcing users to change the password on first use of the item sounds like a very useful and practical law that could go some way to preventing some hackers from gaining easy access to and taking over IoT devices e.g. for use as part of a botnet in bigger attacks. It has long been known that having the same default password in IoT devices and some popular routers has been a vulnerability that, unknown to the buyers of those devices, has given cyber-criminals the upper hand. A law of this kind, therefore, must at least go some way in protecting consumers and the companies making smart electrical devices.

Facebook Messenger May Introduce Voice Commands

It has been reported that Facebook has been testing how voice commands could be used in its Messenger platform to help users to send messages, initiate voice calls and set reminders.

Internally Testing

Facebook is reported to have confirmed to tech news platform ‘TechCrunch’ that it is internally testing a prototype of voice control (which was discovered by a TechCrunch tipster) in the M assistant of Messenger.

Facebook’s new speech recognition feature goes by the name of ‘Aloha’. It is believed that Aloha will be used for Facebook and Messenger apps, as well as external hardware. The Aloha voice assistant could become part of Facebook’s planned Portal video chat screen device / smart speaker, which is currently in development.

Benefits

Enabling voice control in the Messenger platform could bring considerable benefits to users, such as being able to use Messenger ‘hands-free’ in the car, improving accessibility, and generally making it easier for people to use the Messenger platform in the home and on the go.

How Will It Work?

Initial reports indicate that Aloha will be activated in Messenger by tapping an M assistant button which will appear at the top of a message thread screen. This will enable listening for voice commands.

Need To Differentiate

Apart from the obvious, high profile, negative publicly over the Cambridge Analytica data sharing and the recent massive hack, Facebook has experienced challenges in recent times as many of its younger users have moved to Snapchat. Facebook bought Instagram in a move that many saw as a way to attract the young users that moved from Facebook, but this strategy doesn’t appear to have been highly successful.

Adding a voice assistant to Messenger could, therefore, be a way for it to tackle part of this issue, and to differentiate its Messenger option from competitors such as SMS, Snapchat, Android Messages, iMessage and other texting platforms. Facebook is also known to be experimenting with other visual features such as Facebook Stories, augmented reality filters and more in order to help engage and retain users, and differentiate its services.

What Does This Mean For Your Business?

Facebook has been relatively late to the market with a digital voice assistant, but it appears to have found a way to deploy it at a time when it may be most needed to help differentiate its services from competing services, and to generate some good publicity amid the bad.

One of the biggest challenges that Facebook has at the moment, apart from the fact that Snapchat, iMessage, WhatsApp and other services are already popular and users may be loyal, is one of trust by users. The Cambridge Analytica data sharing scandal, and the recent hack which could have more reverberations as cyber-criminals sell and use the data they stole, may mean that users may not trust Facebook to handle their speech data as responsibly as they would like. There are, for example, stories of how other digital voice assistants have listened-in on their users e.g. back in May when an Amazon Echo (Alexa) recorded a woman’s conversation and shared it with one of her husband’s employees. It remains to be seen, therefore, whether users will now be willing to trust Facebook with what is still quite a sensitive area of personal data governance, particularly where business conversations are concerned.