Game Over for Automatic Facebook Tag Suggestion in Europe

In a victory for consumer privacy, Facebook has agreed to suspend the automatic use of its facial-recognition tool in Europe. The tool suggests people to tag in users’ photographs when registered users upload them to Facebook pages. Facebook Europe has agreed that by Oct. 15, it will give EU users the choice as to whether to allow the use of facial recognition software.

The “tag suggestion” tool gives Facebook the ability to build a “signature” of an individual’s face, based on photos in which they have been tagged. Face.com – an Israeli company that Facebook acquired in June, which has stated that it has 31 billion face images profiled – developed the software. Facebook also agreed to delete all facial recognition data it stores about its European users.

Facebook made the announcement in response to an investigation by the Irish Data Protection Commission (DPC) as to whether its practices adhere to a series of recommendations the DPC made last December to ensure that the social network company was in compliance with European privacy laws and taking measures to protect users' privacy rights.

Here in the U.S., EFF has urged Congress to protect privacy in face recognition. Here’s an excerpt from EFF Staff Attorney Jen Lynch’s testimony:

“Face recognition is here to stay, and, though many Americans may not realize it, they are already in a face recognition database. Facebook refuses to say how many face prints it has in its database and whether it creates a face print for photos of non-Facebook users. However, given that Facebook has approximately 170 million active monthly users in the United States alone, at least 54% of the United States population already has a face print.”

Freedom Not Fear Spurs New International Effort

The international Freedom Not Fear week of action, which wrapped up Sept. 17, brought activists together from Brussels to Sydney for protest events and workshops to highlight and challenge surveillance trends. Organizations from 11 European Union member states gathered for workshops in Brussels, and European Data Protection Supervisor Peter Hustinx met with advocates to discuss the upcoming European Union Data Protection Reform. He also delivered a detailed explanation of his interpretation of the “Freedom Not Fear” motto, saying, “Fear is always a bad adviser.”

A result of the gathering was the creation of a new International Working Group on Video surveillance. As EFF has explained before, closed circuit television cameras (CCTV) are becoming increasingly ubiquitous in the United Kingdom, and the introduction of a tool called Facewatch that is being used to target rioters in the London protests has activists especially concerned. The new working group has announced a campaign to react to the latest developments in privacy-intrusive technology, and targeting Facewatch is a high priority.

"The idea of 'Freedom Not Fear' is to give citizens and civil rights groups time and a place for networking in order to strengthen their engagement and personal efforts," says Michael Ebeling, part of the Freedom Not Fear organizing team. "We are glad that we are moving forward with this, bringing people from different countries together."

Australian Law Enforcement Pushing for Data Retention

Ongoing hearings are underway at the Australian Parliament about a package of National Security Inquiry proposals that would revise telecommunications interception laws and make it easier for law enforcement to eavesdrop on telephone and Internet communications. At a recent hearing, Australian police commissioners told members of Parliament they thought telecoms and Internet service providers should be required to store users’ digital communications for two full years, and that they wanted to help draft formal legislation to that effect. An article in an Australian publication called The Age suggests that police wanted data retention to extend even farther than the two-year time span:

[Australian Federal Police Commissioner Tony Negus] told the inquiry in Sydney that police would "ideally" prefer the information be held by telecommunication companies indefinitely, so it could be accessed by police at any time. "The two-year proposal ... we could live with," he said. "It certainly wouldn't be ideal, but we could live with [it]."

The initial package of proposals, which was submitted by Australian Attorney General Nicola Roxon, contained only a very vague mention of a proposed data retention framework. Roxon submitted a letter to “clarify” the proposal on Sept. 19, leaving open the exact framework yet quoting extensively from the European Union Data Retention Directive, a policy instrument that EFF has joined international privacy advocates in opposing. The directive has been met with widespread resistance and has been found to be unconstitutional by several European courts.

Privacy advocates have criticized Roxon for withholding more detailed information about the mandatory data retention proposal until after civil society had submitted formal responses to Parliament based on the vague wording in her initial discussion paper. In late July, Roxon even told reporters that the "case has yet to be made" for the controversial data retention proposal. EFF will continue monitoring the status of the National Security Inquiry and data retention proposals in Australia.