UK: Leicestershire police trial face recognition at music festival

Download Festival: Facial recognition technology used at event could be coming to festivals nationwide (The Independent)

Around 90,000 people attending the five-day rock event in Derby will have their faces scanned by “strategically placed” cameras, which are then compared with a database of custody images across Europe.

The force has trialled the system since April 2014 in “controlled environments”, but this is the first time the portable NeoFace surveillance technology, made by NEC Corporation, is being used outdoors in the UK on this scale.

Leicestershire police said it hoped the system would enable them to find organised criminals who prey on festivalgoers who are often victims of theft.

This sounds a lot like the ‘Snooper Bowl’ deployment we had a role in back in 2001.

Facial recognition surveillance in an uncontrolled environment with non-participating individuals still presents significant technical challenges. Among them are lighting, pose angle, and perhaps most significantly, training users on how to evaluate the information the facial recognition system generates.

See also: Leicestershire Police defend facial recognition scans (BBC)

Biometrics front and center at Las Vegas Consumer Electronics Show

Biometrics and Pinball: Five companies on CES’ early watch list (ars technica)

When setting up the device, you take a number of pictures of the people you trust around your space to “teach” it what you look like, and the device will snap a photo every time it sees a face and send you a notification on your phone as people are seen. If a stranger pops up, you get a notification that “an unknown face has been seen” for your review. “It’s not a surveillance camera, but it is a security camera,” a Netatmo representative told us.

Peoples’ surrounding are going to become much more responsive to the individuals within them. This piece of technology is a very small step in that direction.

That’s like, so 2001

MAY, 2013
Boston PD Tested Facial Recognition Software By Recording Every Face At Local Music Festivals (Daily Caller)

Concertgoers at last year’s annual Boston Calling music festivals weren’t just there to watch the show — they were watched themselves as test subjects for Boston police’ new facial recognition technology, which reportedly analyzed every attendee at the May and September two-day events.

Employees at IBM — the outside contractor involved in deploying the tech alongside Boston Police — planned the test of its Smart Surveillance System and Intelligent Video Analytics to execute “face capture” on “every person” at the concerts in 2013.

Welcome to the Snooper Bowl (Time)

In a move that has been both hailed and decried, the Tampa Bay police department used the occasion of Super Bowl XXXV to conduct a high-tech surveillance experiment on its unsuspecting guests. In total secrecy (but with the full cooperation of the National Football League), the faces of each of the games’ 72,000 attendees were scanned and checked against a database of potential troublemakers. The news, first reported in the St. Petersburg Times, raises some urgent questions: is this the end of crime–or the end of privacy?

The surveillance system, FaceTrac, is based on technology originally developed at the Massachusetts Institute of Technology to teach computers to recognize their users, and was installed by a Pennsylvania firm called Graphco Technologies.

The technology and key personnel from Graphco were acquired by SecurLinx in 2003.

Face-in-a-crowd systems have improved, but aren’t quite ready

Facial scanning system for crowds shows improvement in tests by Homeland Security (ABA Journal)

The scanning system is known as Biometric Optical Surveillance System, or BOSS. It uses a computer to build a “3-D signature” from photos taken at different angles, then compares the results with a watch-list database. A computer professor and an official with the company developing BOSS said advances in computer processing will eventually result in speedier and more reliable matches. Currently, the system’s accuracy is only 60 percent to 70 percent at longer distances. And it takes 30 seconds to process the images.

Expect to see a whole lot more of this…

Chicago police go high-tech with facial recognition software (Chicago Sun-Times)

Story Image
Pierre Martin

Police had a photo captured on a CTA surveillance camera on Jan. 28 of a suspected mugger, looking to the side, after he had just allegedly stolen a cellphone from a man at gunpoint on a Pink Line train.

Police also had an ocean of photos for comparison — 4.5 million criminal booking shots.

They ran the program.

And Pierre Martin ranked No. 1 on a list no one wants to top.

We at SecurLinx deploy help police deploy these capabilities. The article is correct to note that officer training is a hugely important factor in successfully adding this capability to law enforcement efforts.

…and this.


New technology allows retailers to spot a celebrity approaching (The Telegraph – UK)

…[A] purpose-built facial-recognition system has been designed to ensure no hapless shop assistant accidentally snubs their best customer again, the Sunday Times reported.

The VIP-identification technology, created by NEC IT Solutions, is already being tested in about a dozen top stores and exclusive hotels in Britain, America and the Far East.

Compared to what?

Facial recognition software flops in US trials (Information Age)

“The number of system-generated false positives was excessive,” concluded the report, recently obtained under freedom of information regulations.

The airport had installed two separate facial recognition systems at security checkpoints at the airport. However, they failed to detect volunteers posing as terrorists 96 times during the three months that the trial was running, despite successfully picking them up 153 times.

Logan Airport was where 10 of the 19 terrorists involved in the 11 September terror attacks on New York boarded their flights.

Articles like this only make sense with reference to the expectations of the people that write them and users of the technology.

Catching a bad guy in 153 out of 249 chances (a 61.4% success rate) is obviously worth something, especially if the chance of catching that bad guy was 0% before the addition of the new technology. [Note: this analysis only makes sense if it is assumed that the subjects involved are on a watch list.]

The article also mentions the September 11 hijackers, begging the question: would the attacks have been possible if 11 or 12 (out of nineteen) of the attackers had been detected on the day?

Maybe, maybe not. Security protocols, not technology, would determine the answer. But a smart security protocol might say that if six terrorists are caught entering the same airport within a couple of hours of each other, certain measures should be taken.

False positives and low accuracy are real concerns to be overcome by improved performance of facial recognition systems. In fact, they are interchangeable problems. SecurLinx can provide a system that rarely provides false positives, but will fail to alert the user to a larger proportion of accurate matches, or we can provide a system that will catch more matches but will generate more false positives. We work with end users to help them determine their own “sweet spot” for the kinds of matches to which they want to be alerted. Facial recognition in surveillance applications isn’t like fingerprint biometrics.

The key to getting these things right for the customer and delivering the goods on a Return-on-Investment basis, is good communication about system capabilities, good training, and the application of the technology at the appropriate job function level.

If the system was sold as a bulletproof terrorist finder, a 39% failure rate is a flop. If it was sold as a 61% chance of preventing disaster, isn’t that worth something?

See also: Biometrics & ID infrastructure: Perfect is the enemy of good

India: Kerala police adopting face recognition for surveillance

Sree Padmanabhaswamy Temple
Photo: Rainer Haessner

Face-recognition tool to curb crime (The Hindu)

The State police will soon have the latest face-recognition technology integrated with its expanding surveillance camera network to screen entry and exit points of airports, railway stations, stadiums, and key government offices for persons with criminal or terror links. Senior police officers say the technology is likely to be implemented first at the landmark Sree Padmanabhaswamy temple here and later at other locations, including vital establishments vulnerable to sabotage in Kochi and Kozhikode.

Poll: Public not too worried about surveillance and face recognition

Americans mostly in favor of facial recognition at public events: poll (Biometrics Update)

From the report, 59% oppose email and cell phone surveillance (up 13% from 2006), but 79% are in favor of using facial recognition at various locations and public events and 81% support expanded camera surveillance on streets and in public places.

The public probably senses that there are a lot of ways to deploy facial recognition that are much less invasive of privacy than snooping on emails and hacking cell phones.

Australia changes privacy law regarding criminal investigations

Federal Government removes ban on biometric data used for crime-fighting

The Gillard Government’s new privacy legislation has removed the ban on biometric data being handed to crime-fighting agencies.

Officials say the move could be of immense benefit in fighting crime, but privacy lobbyists liken it to a “Big Brother” development.

The Attorney-General’s Department yesterday revealed police would be able to ask private companies – including shops, pubs and clubs – to hand over patrons’ facial scans.

“These changes will allow, for example, a pub to pass on to police a face scan of someone involved in a glassing attack,” a spokeswoman said.

“Or, police could ask a government agency to help them identify an alleged murderer through matching an image obtained via CCTV (closed circuit television) with client photos.”

Note: “Facial scan” is another term for “Photo.”

If the police can’t ask for evidence helpful in solving a crime, why have police (or privately owned CCTV cameras) in the first place?

Biometric technology, like all analytic tools, works both ways. It can eliminate suspects as well as indicting them.

UK Surveillance Commissioner Speaks

CCTV Technology has ‘Overtaken Ability to Regulate it’ (Wall Street Journal)

“A tiny camera in a dome with a 360-degree view can capture your face in the crowd, and there are now the algorithms that run in the background. I’ve seen the test reviews that show there’s a high success rate of picking out your face against a database of known faces.”

Research into automatic facial recognition being carried out by the Home Office has reached a 90 per cent success rate, he said, and it was “improving by the day”.

The headline quote comes from this more detailed article from The Independent, and might best be taken as a warning rather than a statement of fact. After all, if meant literally, the statement belongs in a resignation letter.

Surveillance Commissioner Andrew Rennison:

Let’s have a debate – if the public support it, then fine. If the public don’t support it, and we need to increase the regulation, then that’s what we need to do.”

Sounds like Transparency and Consent to me.

Surveillance, transparency, accountability & technology

TrapWire: Anonymous gives handy tips on how to avoid surveillance

This video has a heavy dose of dead pan humor, which is actually quite endearing.

As far as biometrics countermeasures go, I, like Anonymous, am still a fan of CV Dazzle because there’s something stylish and fun about what how they go about the challenge of defeating facial recognition.

The infra-red LED trick is really cool, too. Fans of the show White Collar will have seen that hack come into play in last week’s episode. That’s the first place I saw it.

All of this, while fun, socially interesting and even romantic, ignores the fact that the smartphone is the holy grail of surveillance technologies. Someone can wear a mask and a crazy hair do, head cocked 20 degrees to the side under a LED hat all they want. It won’t do any good if internet companies and cell providers (whether knowingly or unwittingly) cough up everything they know about individuals. The other virtue of the mobile computing surveillance model is that it requires no taxes, maintenance, or budget. The watched pay their own freight. That makes this type of surveillance available to individuals and organizations that might not have a lot of money or labor.

The answer isn’t regulating private use of technologies such as cell phones or biometrics. With technology, blanket moratoriums and bans are almost never the answer and even more rarely succeed. It may not be romantic or fashionable but the only answer is transparency and accountability.

Technology is all about people. It always will be.

Background on TrapWire

Retail and CCTV Vendors are Catching on to Facial Recognition

The new face of CCTV surveillance (The Retail Bulletin)

“There have been huge advancements in both facial recognition analytics and in network camera technology, which is ultimately the source that the analytics have to work from.

“In particular HDTV cameras offer higher resolution video and enhanced clarity and sharpness, that complements the accuracy of facial recognition solutions making identification even simpler and more accurate.”

Retail outlets and CCTV vendors are catching on to the opportunities for a return on investment facial recognition technology provide.

The article neglects to mention, however, that the installed base of CCTV cameras is poorly suited to facial recognition.

Facial recognition is what it says: the recognition of faces. It’s not top-of-the-head recognition; it’s not profile recognition; it’s not back-of-the-head recognition. In general, CCTV cameras have been installed to observe and/or record what people are doing, not who they are. They have been deployed to answer the question, “what’s going on?”

This is changing and can be overcome by moving a camera down and changing its zoom to where it is capturing good face images. As CCTV installers become more familiar with facial recognition technology, results will improve dramatically.

How to Inoculate Against Public Facial Recognition

How to Defend Yourself Against Facial Recognition Technology (PBS)

Facial recognition technology [FRT] is now just about everywhere we are…

Do we simply have to accept this as inevitable, or are there things we can do to protect ourselves and others against improper or repressive use of FRT?

Below are some tactical and technological defenses against FRT. Specifically, two layers of those involve: 1) when we are being watched, for example, at protests or in a public space, and 2) when we ourselves are taking and sharing images of others, especially online.

This well sourced-article contains a wealth of information and links having to do with in person and online public facial recognition.

Of course, CV Dazzle gets plenty of attention, as it should.

The app that automatically pixelates the faces in pictures users take with their mobile phones is really cool, too.

Then there’s the software in “Friends” a threat to your privacy? This facial recognition app might help, which isn’t mentioned in the PBS piece, but it would fit right in.

What if? Online Real-Time Searchable Sensor Data

Each of these articles is extremely interesting and when they’re read together, they become even more so.

The first one was published in the Washington Post a week or so ago and concentrates on industrial control systems (probably because Stuxnet has been in the news a lot lately). The second article below talks about the development of a search engine that could combine social networking with data collected by sensors that are hooked up to the internet.

Cyber search engine Shodan exposes industrial control systems to new risks (Washington Post)

It began as a hobby for a ­teenage computer programmer named John Matherly, who wondered how much he could learn about devices linked to the Internet.

After tinkering with code for nearly a decade, Matherly eventually developed a way to map and capture the specifications of everything from desktop computers to network printers to Web servers.

He called his fledgling search engine Shodan, and in late 2009 he began asking friends to try it out. He had no inkling it was about to alter the balance of security in cyberspace.

“I just thought it was cool,” said Matherly, now 28.

Smart City Search Engine Uses Sensors (Tech Week Europe)

Researchers at the University of Glasgow are helping build a search engine that will combine data from social networks with real-time sensor information such as recognition of faces in crowds to help users locate individual people or events.

The European-funded project, called Search engine for MultimediA Environment geneRated contenT (SMART), takes advantage of the already widespread presence of sensors such as CCTV cameras and microphone arrays, according to Dr. Iadh Ounis of the University of Glasgow’s School of Computing Science.

The combination of what these two efforts envision — a crawler that finds online devices, an engine that makes them searchable, datamining of social media and real-time access to sensor data — would really be something.

But what would it take for someone sitting at a computer terminal to find and commandeer a surveillance camera, grab an image of my face, run it through a facial recognition search of social media platforms and find out something as simple as my name?

For now, it would be pretty difficult. Without significant help from disparate entities, the challenges associated with such a query are extremely daunting and that will probably be true for the foreseeable future.

A simple facial recognition search of all the photos on (for example) Facebook’s servers would be pretty close to useless. The ‘book simply has far too many faces. Based upon the (low) image quality from surveillance cameras and the (high) number of Facebook photos, there would be far too many false positives. I’ll make an educated guess that the reason Facebook gets the facial recognition results that it does is that it uses its (highly proprietary) knowledge of its users to limit the face rec search only to people that Facebook already believes have a significant likelihood of actually knowing each other. So, without Facebook’s help, that random someone sitting at their computer would have a pretty difficult challenge even if their target is a heavy user of social media.

Other challenges apply. Finding a device online is not the same as controlling it. Controlling some functions of a device such as a surveillance camera doesn’t necessarily imply that all functions are available to the user. Speed and storage are also issues.

Nevertheless, some challenges, such as the co-operation of service providers, can already be overcome by governments. Others will become easier to overcome as technological progress is made.

What is possible? That’s an interesting question. What does it cost? That may be far more important. Stuxnet proved that some amazing things are possible. As for pulling a mini-Stuxnet to see if I’m over-sharing on the social webs, theoretical possibility may not be the most important consideration. A private detective is still the way to go.

But if Moore’s law holds and techy things continue get cheaper, better and faster, who knows?