Instead of joining in, I posted the following semi-sarcastic tweet:
My flippant tweet began to pick up traction. My intent wasn’t to claim that the meme is inherently dangerous. But I knew the facial recognition scenario was broadly plausible and indicative of a trend that people should be aware of. It’s worth considering the depth and breadth of the personal data we share without reservations.
Of those who were critical of my thesis, many argued that the pictures were already available anyway. The most common rebuttal was: “That data is already available. Facebook’s already got all the profile pictures.”
Of course they do. In various versions of the meme, people were instructed to post their first profile picture alongside their current profile picture, or a picture from 10 years ago alongside their current profile picture. So, yes: these profile pictures exist, they’ve got upload time stamps, many people have a lot of them, and for the most part they’re publicly accessible.
But let’s play out this idea.
Imagine that you wanted to train a facial recognition algorithm on age-related characteristics, and, more specifically, on age progression (e.g. how people are likely to look as they get older). Ideally, you’d want a broad and rigorous data set with lots of people’s pictures. It would help if you knew they were taken a fixed number of years apart—say, 10 years.
Sure, you could mine Facebook for profile pictures and look at posting dates or EXIF data. But that whole set of profile pictures could end up generating a lot of useless noise. People don’t reliably upload pictures in chronological order, and it’s not uncommon for users to post pictures of something other than themselves as a profile picture. A quick glance through my Facebook friends’ profile pictures shows a friend’s dog who just died, several cartoons, word images, abstract patterns, and more.
In other words, it would help if you had a clean, simple, helpfully-labeled set of then-and-now photos.
What’s more, for the profile pictures on Facebook, the photo posting date wouldn’t necessarily match the date that the picture was taken. Even the EXIF metadata on the photo wouldn’t always be reliable for assessing that date.
Why? People could have scanned offline photos. They might have uploaded pictures multiple times over years. Some people resort to uploading screenshots of pictures found elsewhere online. Some platforms strip EXIF data for privacy.
Through the Facebook meme, most people have been helpfully adding that context back in (e.g. “me in 2008, and me in 2018”), as well as further info, in many cases, about where and how the pic was taken (e.g. “2008 at University of Whatever, taken by Joe; 2018 visiting New City for this year’s such-and-such event”).
In other words, thanks to this meme, there’s now a very large data set of carefully curated photos of people from roughly 10 years ago and now.
Of course, not all the dismissive comments in my Twitter mentions were about the pictures being already available; some critics noted that there was too much crap data to be usable. But data researchers and scientists know how to account for this. As with hashtags that go viral, you can generally place more trust in the validity of data earlier on in the trend or campaign— before people begin to participate ironically or attempt to hijack the hashtag for irrelevant purposes.
As for bogus pictures, image recognition algorithms are plenty sophisticated enough to pick out a human face. If you uploaded an image of a cat 10 years ago and now—as one of my friends did, adorably—that particular sample would be easy to throw out.
What’s more, even if this particular meme isn’t a case of social engineering, the past few years have been rife with examples of social games and memes designed to extract and collect data. Just think of the mass data extraction of more than 70 million American Facebook users performed by Cambridge Analytica.
Is it bad that someone could use your Facebook photos to train a facial recognition algorithm? Not necessarily; in a way, it’s inevitable. Still, the broader takeaway here is that we need to approach our interactions with technology mindful of the data we generate and how it can be used at scale. I’ll offer three plausible use cases for facial recognition: one respectable, one mundane, and one risky.
The benign scenario: facial recognition technology, specifically age progression capability, could help with finding missing kids. Last year police in New Delhi, India reported tracking down nearly 3,000 missing kids in just four days using facial recognition technology. If the kids had been missing a while, they would likely look a little different from the last known photo of them, so a reliable age progression algorithm could be genuinely helpful here.