Clearview AI, one of the high-tech surveillance tools used by New Zealand Police, continues to be mired in controversy. Canada has banned it and both Australia and the UK’s privacy regulators are investigating its use by their police forces.
In five European countries privacy activists have lodged data protection complaints against Clearview, alleging it doesn’t have any legal basis for collecting and processing biometric data under the European Union’s General Data Protection Regulation.
Its use here began in January 2020, without New Zealand Police informing the government, the Privacy Commissioner or the public. Indeed even Police Commissioner Andrew Coster was unaware his force was making use of the powerful facial recognition software, one which has the ability to deliver live monitoring of public spaces (although New Zealand Police have said they will not use this capability.)
Police national manager of criminal investigations Tom Fitzgerald said its initial use was limited to about 150 searches of police volunteers, and roughly 30 searches of persons of interest. He promised to establish new processes ensuring the Police Commissioner and the Privacy Commissioner are consulted in the future.
In response to the controversy New Zealand Police implemented a policy in September 2020 that outlines what steps are required before new tech can be trialled or introduced – or extra capability added to existing technology.
Among those was the stipulation there be senior-level oversight and that stakeholders like the Privacy Commissioner be informed, as well as formal approval be sought from the Police’s Security and Privacy Reference Group.
This year New Zealand Police appointed two independent facial recognition experts to advise on its use, but the public still have no real idea how New Zealand Police are using the technology on a day-to-day basis, nor what privacy safeguards are in place.
It appears the Police are still policing themselves when it comes to the use of Clearview.
Some won’t be satisfied with that assurance in light of the many instances of illegal searches by New Zealand Police staff of its NIA database (there were 146 investigations into possible misuse of the police’s record database between 2018-2020) with over half upheld.
How ClearviewAI works
ClearviewAI is a devilishly simple idea borne out of the mind of thirty-two-year-old Australian
Entrepreneur, Hoan Ton-That, and has been embraced by more than 600 law enforcement entities, including the FBI.
Clearview works by scraping publicly available images of people on the web and storing the images in its database. That enables law enforcement to easily match an image and find out who it is, along with links to where those photos appeared on the net.
It now has over 3 billion images scraped from internet sites. As more faces are scanned the accuracy of the platform increases.
If you, or even a friend, has ever publicly posted an image of yourself on Facebook, Instagram or YouTube or any other internet site you’re in Clearview’s database.
Privacy campaigners believe the platform is open to abuse (it doesn’t help that Ton-That has been linked to right wing sympathisers like Peter Thiel, Chuck Johnson and Jeff Giesea).
Clearview could, for example, identify law-abiding people at a protest giving New Zealand Police their names, location and a list of contacts.
Ton-That defends the practise by citing the company’s first amendment rights, stressing that Clearview is not automated facial recognition, preferring to call it an investigative tool “for after the fact investigations”, only to be used after someone has committed a crime.
At present it cannot be used as evidence in court proceedings and any convictions have to be upheld with independent evidence.
Controversy goes global
There’s broad agreement that Clearview is a powerful and useful tool and will inevitably be a part of law enforcement. The platform was instrumental in bringing to justice many of the Capitol rioters in Washington in January, as well as solving terrorism and sex-trafficking cases in North America.
It’s the lack of transparency around how it is used that’s troubling to many privacy activists and to the internet giants themselves.
Clearview’s image scraping violates the terms of service of many sites and Google, Twitter and YouTube have all sent Clearview cease and desist letters.
In response Ton-That cites the company’s first amendment right and insists that the images gathered were all publicly available.
But there is pushback from authorities.
New Jersey and San Francisco have been told to stop using the platform and the company voluntarily pulled out of Illinois last year after it was found to be in violation of the state’s privacy laws.
New Jersey’s Attorney general Gurbir Grewal told CBS news that, while he saw uses for facial recognition software, “he was opposed to the collection of biometric information and the use of it without proper safeguards by law enforcement.”
Our own Privacy Commissioner John Edwards has remained rather quiet on the matter – its website stating that – “The development of facial recognition technology is inevitable, and the technology will become more advanced over time. It’s important that any new technology be introduced with proper consideration. Our advice is that any artificial intelligence should be used with careful reference to our principles for the safe and effective use of data analytics and that the data.”
Meanwhile privacy regulators from Australia, Europe and Canada are actively looking into its use.
In February Canada’s Privacy Commissioner Daniel Therrien stated that Clearview could not make use of the facial images of Canadians without their explicit consent and that the practise was illegal under the terms of Canada’s privacy laws.
Clearview voluntarily withdrew from the country but issued a statement in its defence – “Clearview AI only collects public information from the Internet which is explicitly permitted … Clearview AI is a search engine that collects public data just as much larger companies do, including Google, which is permitted to operate in Canada.”
It’s planning to challenge the ban in court.
Similarly in Australia The Office of the Australian Information Commissioner (OAIC) has opened a joint investigation into the software with the UK’s Information Commissioner’s Office (ICO). Stating that the investigation signalled – “the importance of enforcement cooperation in protecting the personal information of Australian and UK citizens in a globalised data environment.”
thebit.nz has reached out for comment from Privacy Commissioner John Edwards. We will publish his responses as soon as we get them.