
Blur Tools for Signal - tosh
https://signal.org/blog/blur-tools/
======
billme
Without sold proof this is not possible to circumvent, this maybe more
dangerous than not.

Here’s an example of AI being able to identify a blurred face:
[https://twitter.com/ak92501/status/1267609424597835777](https://twitter.com/ak92501/status/1267609424597835777)

Identifying an individual is not just about a face, but number of factors that
are much more complex and very hard to account for in a systematic way.

—-

If Signal is really concerned about allowing individuals to control the
information they leak, they need to prioritize releasing the feature that will
allow users to use Signal without providing phone numbers; one of their staff
recently publicly stated this is finally likely to become a feature. Not to
mention stop repeatedly asking for the user to provide their name, access to
contacts lists, etc.

~~~
StavrosK
That's not removing blur, that's making a face (out of millions) that matches
the same pixellization. There's no telling what the original face was, and
it's disingenuous that they don't show you the original photo.

~~~
felideon
At the end of the video they posted[1], they show the original photos of the
authors, the downscaled inputs, and the outputs.

[1]
[https://twitter.com/ak92501/status/1267609090689323008](https://twitter.com/ak92501/status/1267609090689323008)

~~~
tripzilch
And, IMHO they don't look like the same person any more, at all.

------
danShumway
I don't doubt that Signal has put a significant amount of effort into making
sure its blurs can't be reversed. But when I look at the results in the photo,
I don't understand _why_ they would put in that effort. Why derive a blur from
the base photo at all?

Things that seem way easier to me:

A) blacking out the face entirely with a solid color,

B) if that looks ugly, replacing it with some kind of clip-art,

C) if that still looks ugly, replacing it with a gradient

D) if that still looks ugly, replacing it with a pre-blurred face from a
generic set of buckets.

I sort of get the aesthetic argument, but I also really don't, because the way
Signal is blurring faces is ugly, at least in the photo they show. It's not a
seamless thing that blends into the background and looks way better than a
solid color. It's giant squares, and the amount of blurring means that the
contents are basically indistinguishable from a radial gradient to my eyes
anyway. Am I missing something? Would a gradient really look any worse than
this?

Is there some kind of use-case where blurs give aesthetically much better
results than what we're seeing in the photo? Are the concerns I'm seeing below
about de-masking just fear-mongering? Are blurs in general just pretty safe,
fast, and easy to do? Moxie isn't stupid, I assume in situations like this he
knows what he's doing.

~~~
matmann2001
Also consider the social effect. To the ordinary eye, it's not obvious that
this blur is resistant to reversal, unlike standard blur effects. However,
someone seeing the use of this blur effect, without understanding what it is,
may come to the false conclusion that a non-Signal blur is safe too.

~~~
danShumway
That's a good point. I've already seen at least one other person on this post
comment to a Github repo that blurs faces. It might be secure, it might not
be. I wouldn't trust it by default.

With a static overlay, the method is simple enough that _I_ can evaluate the
security. With a blur, I don't know the difference between a good one and a
bad one, so I can only trust the reputation of the author.

I like to be able to look at the output of an anonymizer and to be able to
tell myself at a glance whether it worked.

------
fit2rule
In case anyone feels like playing around with it, a friend and I made a
project to do auto-blurring of faces with OpenCV a few years ago, with both
iOS and node frontends ..

iOS module:

[https://gitlab.com/seclorum/groupie/-/tree/master/ios/groupi...](https://gitlab.com/seclorum/groupie/-/tree/master/ios/groupieFace)

Main node.js app:

[https://gitlab.com/seclorum/groupie/](https://gitlab.com/seclorum/groupie/)

~~~
gregsadetsky
The first URL doesn't seem to work, and the second URL brings to an "empty"
project. Just to make sure -- maybe it's just me?

~~~
fit2rule
Hmm, I guess I got the URL's wrong, and can't edit now:

[https://gitlab.com/seclorum/groupie/](https://gitlab.com/seclorum/groupie/)

Works on Linux and Darwin, just type 'make'. ;)

~~~
JosephRedfern
The project is public, but the repository is probably private. We can't see
any of the code.

~~~
fit2rule
Hmm, dunno how that happened .. maybe its better now?

~~~
JosephRedfern
Yes, fixed!

------
noodlesUK
What kind of blur is used? Blurs are annoyingly bad at obscuring things like
faces. They may be good at making faces unrecognisable to people, but they’re
not nearly as good at making faces unrecognisable to machines.

~~~
have_faith
I've seen this sentiment mentioned quite a bit, but is it still true with the
level of blur being shown in their example images? the blur level is extremely
high to the point that it has essentially left behind a smooth gradient. Even
with the algorithm known is there enough reversible information left?

~~~
rainforest
I suspect there's not much information in the individual blurred face, but I
wonder if given enough examples you'd be able to determine if an unblurred
face is the one in a sample of images with any level of confidence? You can do
that with text
([http://dheera.net/projects/blur](http://dheera.net/projects/blur)).

~~~
Arnt
The face and its surroundings are blurred almost to a single colour. The
average RGB value of my face might be unique-ish, but if you mix in some
variable background, photographed on a camera whose lens has been smeared
against the pocket of someone's jeans, the result should be human, not
individual.

A side comment: AFAICT what the Signal developers have done is take code that
was developed so that the phone camera could autofocus on faces, and and used
that code to defocus faces. What a sweet hack.

~~~
hnarn
A very sweet hack, but I think the concern was based on the example image
provided in the link posted. While the face is blurred, there's still a lot of
information you can glean about the person: their haircut, their neck, the
clothes worn etc. -- so I'm guessing the threat vector here is that if you
also have a general set of pictures from the same demo, you may be able to
automatically identify who the blurred person is.

Blurring is better than nothing but the best picture when it comes to avoid
being traced is the picture that was never taken.

~~~
lm28469
Let's be real for 2 seconds here, this is pure nonsense. No court of law would
do anything about "hey we arrested that guy because he has 2 eyes, a mouth and
the same tshirt as that other guy who was protesting yesterday", if it comes
to this you wouldn't even need a picture of blurred faces, just arrest whoever
you want and provide forged evidences (or none) because that's exactly the
same thing

And even then law enforcement are already filming them (cctv + from the air)
and tracking their phones, the last thing you have to worry about is a 100%
blurred face that no amount of technical power would be able to process or
match back to you.

~~~
fragmede
picture A of an individual, unblurred, protesting peacefully.

picture B of a blurred individual from later on in the same protest, wearing
the exact same clothes, commiting questionable acts, is circumstantially
incriminating.

------
sjwright
Would it be practical to take a facial recognition algorithm and use it to
warp the identifying characteristics of faces in a scene such that the faces
lose enough uniqueness to make facial recognition ineffective?

My understanding of facial recognition is that it operates on relative
positions of facial elements. If you can "delete" this uniqueness from the
source material by warping faces towards a limited handful of generic shapes,
you make the video less useful to Government intelligence.

You could still blur the result, but you might be able to get away with less
blur. Remember that it's important to see that people have faces otherwise
they can be more easily dehumanised.

~~~
Doxin
Ideally you'd run something like thispersondoesnotexist to generate random
faces to paste overtop people _before_ blurring it. That way if you somehow
manage to revert the blur there's still no chance of revealing the original
person.

Of course humans are pretty good at filling in detail, so with a sufficient
blur you can get away with surprisingly poor approximations of a human face.

~~~
sjwright
I’m thinking more about targeted distortions to maximally thwart
fingerprinting while minimally dehumanising.

------
Vinnl
I've seen it said that blurs can relatively easily be reversed. I wouldn't
expect that to be unknown to the Signal team, so I wonder if anyone knows how
they dealt with that. A different blur method that is not reversible?

~~~
barbegal
You are correct a standard Gaussian Blur can be reversed except along the
edges where data is effectively lost outside the blurred rectangle. In this
case the radius of the blur is large enough that a lot of data will be lost.
Combined with JPEG compression removing a lot of information too, reversing
this blur should be impossible.

A better blur algorithm (in that it can easily be proven not to be reversible
and is faster to process) is to divide the area to be blurred into a small
number of cells, (9,16 or 25) get the averaged colour in each cell and then
apply an interpolation between those colours as your output. This algorithm is
essentially O(n) where n is the number of pixels to be blurred. You can easily
prove that the information in the image is at most 3 bytes (each colour) * 25
(number of cells) = 75 bytes which is not enough to encode a face however it
may be enough to encode some limited details (such as skin colour, distinctive
clothing etc.) so always better to use a black box.

~~~
contravariant
Provided you know the exact method you can _in theory_ recover even the edges.
Although this is very numerically unstable, to the extent that just double
precision might not be quite enough. That said, that's just the theoretical
exact inverse. With proper regularization you might be able to recover far
more (although with a complex prior like a neural network it becomes debatable
what information you are recovering and what information you are putting in
yourself).

Side note, even with a mere 25px image (effectively) of someone's face I'm not
sure if it leaks as little information as you think it does. Just 33 bits
would be enough to uniquely identify someone, let alone 75 bytes. Practically
you wouldn't be able to recover more than some basic estimates of skin colour
and distance between the eyes etc, but in extreme cases that might still too
much.

------
kodisha
Honestly, I can't keep up with acquisitions, full e2e encryption claims, then
those claims get debunked, and you can't find out what the truth is.

Based on all information out there, in year 2020, what is the most secure IM
app?

What do you recommend to your friends if they care about privacy?

~~~
teekert
I recommend Signal. Sure, something selfhosted would be nicer (provided I can
be trusted to get encrytion rightly implemented and my server updated etc) but
Signal hits the best balance for me between trust, hassle and features.

~~~
alias_neo
You can self-host Signal if you want. It's not easy, or fun, and you'll need
to replace the dependencies on cloud tools if you want to host it on bare
metal, but it can be done (I have done it).

Bear in mind, the server is open source only in name, the state of
documentation and configurability is extremely hostile towards running it
yourself, to the point that the only way to configure it to run correctly
requires reading the code to find the type, size, syntax and everything else
about every piece of configuration because none of it is documented or clear.

~~~
wizzwizz4
Can you document it?

~~~
alias_neo
Sadly the answer is not the one I'd like to give. Were it in my hands, I'd
have documented it publicly already, as an advocate of open source and
sharing.

I did this as part of my day job, which included, at the time, documenting it.
It's impossible for me to share that documentation I did on company time. As
for doing it again, I'd have to check my contract and/or discuss it with said
employer.

------
vsareto
Can someone school me as to why we'd use blur when you can just put a solid
block of pixels of the same color over the face? The hard part is face
detection, right?

~~~
ahelwer
Blur looks better.

~~~
bryanmgreen
I wonder how hard it would be to replace the face with something akin to
Photoshop smart fill then blur the box into obscurity?

Keeps the aesthetics of the image but also removes the face entirely.

------
lelandbatey
I've tried this feature out and found that it doesn't do as good a job of
blurring faces as I'd like, especially when those faces take up more of the
frame. I posted some pictures here:

[http://lelandbatey.com/projects/signal_blur_comparison/](http://lelandbatey.com/projects/signal_blur_comparison/)

Basically, I think they're using a constant blur size which fails to
adequately obscure faces that take up a lot of the image because when a face
takes up a lot of the image then the features of that face become large, which
would require even MORE blurring to obscure. And they're not doing "more
blurring" when the area which needs blurring grows, or at least they aren't
doing _enough_ additional blurring.

------
itchyjunk
They are also distributing physicals masks? It's not even a filtering type
mask is it? How odd.

Is the blurring some type of encryption that the user can unblurr or is this a
one way road? I am just thinking off some odd circumstance where say they
realize they had a picture of a vandal somewhere. But I guess you can then be
forced to unblurr everything by law enforcement which might be undesirable in
some cases.

Slight off topic from the article, I was reading about the sting ray
discussion here on HN yesterday. Signal supports some sort of mesh network
communication right? Is that a work around for sting rays? Thanks.

~~~
Myce
I was also surprised by the physical masks. It seems they are intended to
'encrypt your face' which gives me the impression it should make you
unidentifiable.

When peacefully protesting, I can't imagine why you would need to hide your
face.

If not peacefully protesting and/or looting, such a mask has use for
criminals, but I can't imagine that's the intention of Signal.

I think in free, democratic countries, you shouldn't be allowed to hide your
face, so you can be held accountable for your deeds.

In non-free countries I can imagine you would need to hide your identity, but
would Signal be able to distribute them there?

Questions, questions ;)

~~~
ictebres
As the looks of it, US is pretty non-free when it comes to peacefully
protesting. So I guess this feature is very timely and directed towards users
there ;)

~~~
vinay427
It's most certainly not just the US. In the (western European) country where I
live, for instance, even a static protest or demonstration with no chanting or
marching and only a few participants requires non-trivial and somewhat
expensive police approval ahead of time. Most larger spontaneous events seem
to just ignore this and the police haven't generally responded violently, to
their credit.

------
supernihil
instead of bluring faces we should be replacing them with computer generated
faces, double up on fuzzyness and destroying the possibility of easily
detecting "its been blurred, i must then take out my best guessing tools then"

------
giancarlostoro
Why not just block it out instead of blur? Like all out white or black block,
or any color, or a 'redacted' button?

------
noeltock
Impressive how quickly they've reacted.

~~~
zeeone
They probably had worked on this feature for some time and are using the
current times as an opportunity to introduce it. It's hard to believe they had
the capacity to react to the traffic increase and develop a sharp new feature
in less than a week.

~~~
simias
If you look at the code it's not that far fetched. The facial recognition uses
"off the shelf" third party libraries and a gaussian blur isn't exactly rocket
science.

I don't know how much work goes into making a new Signal release but it terms
of raw coding it's like two days of work.

------
Someone
I doubt blurring faces on photos you take helps much in hiding your identity
from the government.

In events like these, they likely have access to quite a few image sources
that do not blur faces.

So, given an image with blurred-out faces, they can look in those sources for
images showing persons with similar skin color, hair, length, and clothing to
the person(s) they’re interested in, and from there find your face.

If they are willing to make an effort, even individuals may be able to do
that, using photos that people who don’t blur faces upload to the internet.

------
RedComet
So an organization that gets millions of dollars from the US government is
supporting people that wish to overthrow the government, many of whom are
outright anarchists. Seems like a poor investment. Unless....

~~~
alex-wallish
How is Signal getting money from the US government? I don't know much about
them, but that seems rather surprising.

------
easterncalculus
This is rather silly, you could always draw solid colors over someone's face
and it works better than blurring. A rather frivolous update, from a software
standpoint. The sentiment is nice.

~~~
hiq
Automation is a big part though, having to do it manually on 5 faces is
tedious, pressing a button is not.

~~~
easterncalculus
I see the point in this, but if you're going to automate something it should
be automated right! In most cases, getting specific people's faces in shot
isn't a good idea in general. If you're getting five people's faces in center
frame for a photo just to blur their faces out, then it's probably fair to ask
why you'd even take a photo at all.

~~~
sitkack
Recording and sharing are different things. If I take a picture of a cop
pulling masks off of protestors, I sure as hell want to record the incident,
but not necessarily share images of the victims.

------
simias
Is the pattern on these masks meant to confuse facial recognition algorithms
or is it just for looks?

~~~
ciarannolan
Probably the latter. The pattern doesn't really matter when 85% of the facial
features are covered by cloth.

------
xwowsersx
I don't know much about image processing, but can't blur from some area in an
image be "removed" so as to recover the original image underneath or am I just
totally mistaken about how images/pixels work?

~~~
haarts
Think of it this way; there is less information in a blurred image (less
colour, less lines, less areas). You can not* conjure information out of thin
air thus making the unblurred image.

* Recent advances in AI actually make this possible to an extend. The AI delves into it's massive memory and extrapolates a likely image/face.

~~~
regularfry
That entirely depends on how the image is blurred. The default gaussian blur
in an image editing tool can be reversed without leaning on magic AI to do it.

------
yingw787
As a software engineer: screw software-based solutions. Too hard to
communicate to people, too easily compromised without notice, just blegh for
things like this.

I remember the Mueller report being printed out, inked over, and then scanned
before exported as PDF just to make sure there's no software shenanigans. I
really like this idea.

If you wanted to implement that in the field, you could purchase a Polaroid
camera, ink over faces manually, and then use your iPhone and take a picture
of that picture and destroy the film afterwards.

~~~
raziel2p
This strikes me as ridiculously paranoid. Are you worried that a JPG/PNG
contains the original non-blurred picture or something?

Nevermind the fact that in your examples, the physical originals can be stolen
before you have a chance to redact/blur them, or your blurring done by hand
isn't good enough and you can get the original by increasing contrast or
whatever.

~~~
yingw787
...isn't the whole reason of this discussion revolving around events causing
"ridiculous paranoia" being realized? No, I don't think I'm being too
paranoid. Even if Signal is open source, it means smack if you don't know
what's actually running on the servers, or what's in each AppImage and running
on your phone.

If you have your servers and employees where the government can reach you, you
can be compromised, because ethics and morality go out the window when it's
about your safety and that of those you love.

Analog is always safest, because it's what the world is grounded in. If you
don't like inking over an image, then burn the faces of it using a blowtorch,
or if you're worried the ink is still there, you can stamp out the faces using
a hole punch.

------
erikbye
You can be identified by gait alone.

~~~
anigbrowl
Unreliably, and only if they have a clear view of your whole body, which isn't
likely in crowds.

~~~
erikbye
I disagree... this is an area I research, working on a surveillance system.
But even so, if gait alone was not enough, modern recognition software can
easily single out a subject in a crowd with just seconds of footage, and
through thousands of cameras track said subject throughout the city. Footage
will be plenty. At some point during tracking the subject is likely to reveal
his face, too, or other critical information. If your voice is picked up it
too will be used for positive identification. When you add in the people in
close proximity to the subject things get even easier, recognize one of the
other collaborators the target subject affiliates with and identification is
often a simple narrowing scan of enmassed OSINT away, done real-time, of
course. Or simply track the subject to an address, maybe even his home, and
swoop in.

I want to also clarify what gait recognition is, for those not that familiar
with it a common misconception is thinking it is limited to analysis of how
you walk. It is not; factors of gait recognition: height, weight, build and
proportions, sex, age, clothes (including type—-dress, shirt, etc.—-shape and
colors), emotions displayed, facial tics, unique mannerisms. The analysis of
your actual walk/gait is incredibly deep and consists of hundreds of
variables, too many for me to care mention here, I might blog about it if it
is of interest to anyone, but a few examples: cadence, the angles of just
about anything you can imagine possible to measure, spacing between feet,
knees, arm swing distance, etc.

For anyone familiar with Haar-like features it should be easy enough to
understand that with enough features within threshold you can id just about
anything.

This is all yesterday’s tech, by the way.

My point, be very cautious of attending anything that might destroy your
future. Do not think a mask or blurring protects your identity, that is
extremely naive.

~~~
anigbrowl
_My point, be very cautious of attending anything that might destroy your
future. Do not think a mask or blurring protects your identity, that is
extremely naive._

If you're afraid to be seen in public you have no future to destroy. It has
always been possible to identify people with diligence if one is sufficiently
patient. Given that you're 'working on a surveillance system' your post reads
as little more than an attempt to intimidate people from participating in
political activism.

~~~
erikbye
I am talking about participating in unlawful activities. I do not think most
people need to be afraid of being seen in public.

The system I am working on is not for law enforcement.

I respect people standing up for what they believe in. I do not respect people
destroying the property of others.

I see no harm in «educating» people. Even on HN I think there is few who
understands fully modern surveillance capabilities. Knowledge is power, I
believe information wants to be free.

~~~
anigbrowl
No, you talked about attendance of an event - I quoted you in order to make
the context clear. It is simply untrue to say you were talking about
participating in unlawful activities.

~~~
erikbye
«anything that may destroy your future»

Did I mention a specific event? No. Stop bickering, it is childish.

------
chinesempire
wouldn't it be easier and more secure to put a noise filled rectangle over the
faces?

~~~
rtkwe
You can but it looks bad and is distracting, a good blur doesn't distract from
the rest of the photo and looking good enough people are more likely to
actually use it which is also important. You can also build a blur that
discards enough information that it's not reversible and it /looks/ like they
did that, Signal has been pretty thoughtful about security so far so I doubt
they missed the research about simple blurs being insufficient to defeat
facial recognition.

~~~
chinesempire
You can always apply blur on the noise afterwards.

It took me less than a minute to do this with Gimp (and I'm very bad at Gimp).

It's a simple median blur over a random noise.

[https://i.imgur.com/f81JIRP.png](https://i.imgur.com/f81JIRP.png)

------
_wldu
I don't understand the need for this. There is nothing criminal or
embarrassing about being in public or participating in a peaceful protest. Why
is this feature needed?

~~~
Spivak
Because people fear retaliation from both the cops and their fan club. We’re
talking about the police that (in my city) flipped, ransacked, and destroyed
tables set out by volunteers to give protesters food, water, first-aid, and
sunscreen.

The last thing you want is to find photos or videos of yourself on a right
ring YT channel because you will get doxxed, harassed and threatened.

~~~
mc32
What kinds of people get doxxed? Your average protester in a march or the
independents who go off script and attack bystanders, observers?

The ones I recall like the bike lock incident in Berkeley was that the
extremely violent get doxxed on the chans but not your average protester who
isn’t smashing things.

~~~
netsharc
Not the US, but I know someone whose name ended up in a list being spread
around among rightwing groups as a "left activist" because he was on FB a lot
replying to anti-refugee/anti Muslim comments trying to educate the posters.

Imagine having your face online, plus the resources of the police...

~~~
ersii
What country did that happen in? Germany? Did anything happen to that person,
besides being on that list?

~~~
netsharc
"nothing" happened, if you consider worrying that some nutjob Nazis might show
up at your door or jump you when you walk to the shops, so that you have to
look over your shoulders and be paranoid, as "nothing"..

------
dominotw
what about videos.

------
liquid153
why not use a black square

------
seemslegit
Cool ! Now stop with the forced contact discovery.

~~~
exo762
May I ask you to elaborate? AFAIK the only thing they are leaking about you is
"is this phone number using Signal?". A single bit of information.

~~~
cjf101
Not the OP, but from my perspective, encryption is helpful, but a good portion
of security is anonymity, and Signal requires that you use and leak personally
identifiable information to even start using it.

It also informs you when people in your contact list are using Signal. It's
probably not scanning through all of the phone numbers in Signal's database
locally, so it is exfiltrating your contact list as well, exposing your
network.

Personally, I'd prefer a model where I am not required to place even that much
trust in the messaging provider.

~~~
seemslegit
> so it is exfiltrating your contact list as well, exposing your network.

They claim they do that in a privacy-preserving way with crypto magic but it's
the inform-people-when-you-start-using-signal part that is a problem

------
lanevorockz
At some point he have to assume this is about defending people that are
committing crimes. Nice to see that the radicalisation caused by left wing
social media is finally getting to its final conclusion.

------
yters
Why would peaceful demonstrators need to hide their identity?

I have been to numerous peaceful protests in the US, even been attacked by
observers, and have never had to hide my identity.

Additionally, in a large crowd where most will not hide identities, this app
is useless.

Only use case I can imagine is a one to many communication likely to be
frowned on by authorities, which sounds like the coordination of illegal
activity, such as violence and looting.

I wonder if any website where such techniques are popularized would
consequently be considered an accessory to whatever illegal activity is being
coordinated?

And even if not, as owner of such a platform, it would not rest easy on my
conscience to know my site is being used to help coordinate activity that will
hurt and harm a great many innocent people.

~~~
2OEH8eoCRo0
Devil's advocate here but if I were a Nazi and wanted to peacefully protest
I'd hide my face. If I were protesting for any socially unacceptable fringe
group I'd rather hide my face.

~~~
yters
that is precisely the sort of group i was protesting with, hence why i was
attacked, and i had no need to hide my face because we were not doing anything
illegal

and the US is not nazi germany or the ccp. if it were, face blur filters would
be the least of your concerns. this only makes sense in the context of
conducting illegal activity in a lawful democracy

~~~
regularfry
Only if you think the lawful democracy is perfectly implemented, and we know
that's not true.

~~~
yters
no place is perfect, but if we compare to say ccp us is still orders of
magnitude better

~~~
regularfry
"Over there is worse" is not equivalent to "over here is safe."

~~~
yters
"over here is not perfect" is not equivalent to "over here is not safe" :)

i just think we need to look at what we got compared to most places and times,
and not be too quick to throw out the baby with the bathwater

~~~
regularfry
> "over here is not perfect" is not equivalent to "over here is not safe"

Yes, it is.

~~~
yters
I doubt it. You seriously think police will go out of their way to look
through these photos and arrest peaceful protesters?

On the other hand, in China, just for having Signal or the like on your phone
is enough to earn a stay in their concentration camp and some involuntary
organ donation before getting disappeared for good.

I would say there is at least a slight (very slight, mind you ;) difference
between the two situations.

~~~
regularfry
> You seriously think police will go out of their way to look through these
> photos and arrest peaceful protesters?

Given everything else they seem to be getting up to, why take the risk?
Especially when Facebook will do the hard job if tagging folks for them. I
certainly know of police keeping their own photographic records of peaceful
protestors, so why contribute to the problem?

Also, why assume it's only the police a protestor might be worried about?

> On the other hand, in China

Don't care. Totally irrelevant. This is not a comparative exercise, and you
can stop using it as a cheap deflection now.

~~~
yters
if you have clear proof the police do this, you have a lucrative lawsuit on
your hands :)

~~~
regularfry
Here's a US law enforcement trainer, writing about what law enforcement
agencies need to do around peaceful protests:

> Law enforcement officers must monitor peaceful protests to identify
> individuals who might do harm and incite violence. Such individuals should
> be detained, isolated or interviewed to determine if they are a threat to
> the peaceful assembly.

From [https://inpublicsafety.com/2016/07/preparing-for-protests-
ci...](https://inpublicsafety.com/2016/07/preparing-for-protests-civil-unrest-
requires-coordination-among-agencies/).

Here's one UK police branch that does it in the open:
[https://en.wikipedia.org/wiki/Forward_intelligence_team](https://en.wikipedia.org/wiki/Forward_intelligence_team).
It would be beyond naive to assume that police in the US don't do the same.

All of this is a side-show, though. If I take a photo at a protest, how do I
know what harm would come from publishing any faces that I happen to capture?
You seem to be making the argument that I, as a private citizen, shouldn't
have a tool available to ensure that I'm not doing harm. Who does that serve?

The fundamental core of your argument seems to be that if people have nothing
to hide, they have nothing to fear. That is, and always was, bullshit.

~~~
yters
What's wrong with the argument? At any rate it is all besides the point. The
only feasible usecase for this signal face blurring is coordinating illegal
activity. Any other use doesn't make sense for the reasons I've given a couple
times.

