
Swiss journalist re-implements ClearViewAI in two weeks with OS software - dukoid
https://twitter.com/grssnbchr/status/1225846790093725696
======
sschueller
The head of swiss data protection (Eidgenössischer Datenschutzbeauftragter)
was on the news program [1] and scolded them since according to him it is
illegal in Switzerland to scrape data of the internet and then do facial
recognition on it to identify people.

He said because they are media it may be ok but the average joe and company
should not get any ideas of doing the same thing.

He also said it is facebook/instagram's responsibility to keep the users data
safe and prevent it from being scraped.

I'm not sure how anyone can prevent data scraping and I also don't see how it
can be illegal if the data is on the public internet. Can anyone elaborate why
it would be considered illegal to scrape data in Switzerland? I can see there
being a conflict between the privacy laws and doing identifying recognition on
public images but downloading the images themselves I don't see being illegal?

We deal with scrapers taking our data all the time and this is the first time
I heard that it may be illegal.

[1] [https://www.srf.ch/play/tv/10vor10/video/fokus-heikle-
gesich...](https://www.srf.ch/play/tv/10vor10/video/fokus-heikle-
gesichtserkennung---das-experiment?id=579ffb3b-dadf-490b-be62-e9c692f2e3bb)

~~~
quotemstr
> He said because they are media it may be ok but the average joe and company
> should not get any ideas of doing the same thing.

That's not the first time I've seen someone claim that a journalist claim is
allowed to perform some kind of information processing that's off limits to
regular people. These claims are specious and ridiculous. Journalists do not
form a distinct class with special privileges, even if they claim to be one.

~~~
vvG94KbDUtRa
They're nonsensical. There's no legal definition of journalist. You don't get
a license from the government

~~~
Barrin92
This is Switzerland, not the United States. In Europe at least in many
countries journalists _do_ indeed have special privileges and they do have
recognised legal status and licenses, usually represented by private/public
institutions that oversee ethical standards in the industry and so on. In
Germany for example this would be the German Press council, in Sweden it is
the Opinionsnämnd etc..

For the love of god can we please stop pretending that every country on the
planet is the US.

~~~
Mirioron
I sure wish those journalists would have any more credibility than regular
people though.

------
secondo
Not claiming this is the result of, but this article is the wet dream of
Facebook lobby groups. Facial recognition won’t go anywhere, that ship has
sailed, but regulation might restrict which data you’re allowed to use for it
and oh boy would Facebook love monopolizing their throve of data and use
regulation to fend off any threat to their leading ability to profile
individuals.

In the topic of restricting access to others the author says:

 _But I ask myself: How difficult can it be for a billion dollar revenue
company?_

Pretty difficult when the law prohibits you[1]. Hopefully that forces
regulation to cover the weaponization of technology not access to data. Right
now this comes off as; you’re not allowed to enrich uranium, unless you own
the land.

[1] [https://www.eff.org/deeplinks/2019/09/victory-ruling-hiq-
v-l...](https://www.eff.org/deeplinks/2019/09/victory-ruling-hiq-v-linkedin-
protects-scraping-public-data)

~~~
arthurcolle
"Mark Zuckerberg: Then I guess that would be the first time somebody's lied
under oath." \- The Social Network

------
lazyjones
While this demonstrates the capabilities of easily accessible ML software, it
also shows the power held by large corporations and governments who have bulk
access to this kind of data (images from social media, crawling) and how ML
makes them able to abuse it. It's really scary to think they know where and
when I was photographed or filmed in public (doing whatever) by random people
while I don't...

~~~
chmod775
This specifically shows that you don't need to be a large corp to do this.

Everyone can do this at home today and on a budget, with publicly accessible
data.

~~~
lazyjones
As an individual, you have to try your luck with collections of images that
happen to be publicly accessible, whereas large entities have access to many,
many more images (all private collections in the cloud for example, or
security camera material) and can search them systematically. That's a big
difference IMHO.

~~~
dontreact
At the moment (as someone who works at a large company), it honestly seems
easier to scrape->do something sketchy with the data than it would be to
overcome the internal privacy protections that are in place at a large
company.

~~~
lazyjones
Do the internal restrictions apply to everybody at Google (my guess from your
past comments) equally, or are there departments with easier access,
government contracts etc.?

~~~
dontreact
I can’t speak for all of Google (maybe there is something secret I don’t know
about, although I doubt it given how much leaking there has been), but for the
sensitive data I have had to deal with for my job, I’m not aware of anyone
having a way of bypassing the controls.

------
patrec
> But I ask myself: How difficult can it be for a billion dollar revenue
> company?

Am I the only one who has trouble believing that someone who was at a
technical level involved in scraping and running facial recognition on 200k
photos would genuinely answer "Not very?".

~~~
hedora
I’ve implemented a few scrapers for various purposes, and run bulk data
analysis over the results.

It was years ago, and it was not very difficult.

I’d guess this would be an easy summer intern project for a bright undergrad.

~~~
patrec
Would the same bright undergrad be likely to believe that stopping scraping on
a service with a billion users is an easy problem?

------
coding123
I got a privacy notice update from my bank today. In the past I was generally
OK with my bank to generally share data and all that because it goes toward
credit scores and a variety of other things.

I'm not so sure any more. I feel like we've reached a point where a massive,
trustable, profile of me is for sale. I don't think I want a bank that is
allowed to do it any more.

Does anyone have any recommendations for a bank focused on privacy? (and for
that matter credit cards?)

I know I know - probably impossible, but I am pretty sure I just created a
market, who's with me?

~~~
billiam
That banking wet dream used to be subject of this article, Switzerland! As
long as you had enough money.

------
lapink
It seems hard if not impossible to prevent illegal use of profile pictures. If
a web browser can access them, collecting them can be automated. Even if they
are only accessible through an app on iOS or Android, you could still, on a
device with root access, capture the API calls and reverse engineer how to get
those pictures. So we might just assume any intelligence service already has
that. The only protection against a more widespread development of those
products would be legal I think.

~~~
Youden
There's a simple, practical way to do this: don't make the images public.
Limit them to some degree of separation by friend connections.

I think this should satisfy most friend-finding use-cases while eliminating
comprehensive large-scale scraping.

You can still reconnect with that guy you saw at a party a few years ago or
that teacher from high-school. Chances are they're within 2 or 3 degrees of
separation from you.

~~~
ggggtez
>Limit them to some degree of separation by friend connections.

Haha, oh sweet summer child. How do you think Cambridge Analytica got all that
data? All you need is 1 friend with lousy security practices.

