Both the airlines and the involved law enforcement have a right or even a duty to know who you are when you are boarding the plane. They also have facial recognition data, either from a passport photo or putting a camera in front of the check-in, and arguably they have a right to that.
People walk around with their faces all the time. They post it on social media. Would it be a problem if a security guard lets you through a gate because he recognizes you? Is it more troublesome that all security guards of the airline now can recognize you at the gate?
I think we need to be more precise about what exactly is spooking us and why. Using facial recognition for boarding security is not as big as a problem as facial recognition being used for law enforcement or whatever they do in China now. But that's a topic for legislation and regulation. If companies are prohibited from storing personal data without consent, that should be enough to stop almost any legal infringement.
If such legislation is impossible, because your government is completely unaccountable, or because companies are unaccountable to such laws, then that is a much bigger problem than the potential for violations of privacy...
With regards to privacy I keep coming back to the conclusion that it is more important and effective to improve and enforce regulations than to beat up on particular technologies.
What's spooking me is the normalization of facial recognition technology for identification without adequate public agreement over what the limits of its applications should be.
A machine recognizing me is a lot different than a human recognizing me. If a machine can recognize me, there can be cameras posted at every street corner, and some organization can reconstruct my movements based on where and when my face is pinged by the system.
It's sort of possible for humans with access to surveillance footage to do that, but the amount of human effort required to accomplish it makes it impossible to do at scale. An automated system could do this for everyone, always.
On such flights you essentially (can) check in remotely, receive the QR code via mail and essentially badge yourself into the plane all the way without ever showing ID.
I can't fathom that scanning my face is any faster than that.
 The Basel airport is technically in France, though the Swiss part of the airport which I entered is treated like it's in Switzerland and not in the EU, as far as I understand.
Once upon arrival in Prague and once in Zurich upon arrival from
In all other cases the whole process, at least in ZRH, was completely automated.
It does depend on country and airport, though.
Customs is a whole different kettle of fish. But as for id, I'm very rarely asked.
Which is an entirely different thing. The former is a technological reality. It's impossible to legislate away devices who can do that.
Tracking and storing personal data on the other hand, is very much within the reach of regulation. The GDPR for example restricts this. Even if somebody has devices who can recognize you is not allowed to store and track data about such recognition incidences without your approval. In this particular case, they don't need your approval because the camera is used in lieu of a boarding pass, and the airline has every right and duty to know you are boarding right now.
In case you are worried that the airline connects your travel patterns with other companies interested in other patterns, well, that works with a boarding pass or even a simple check mark on a pen-on-paper boarding list just fine.
Storing and using that model across various devices is trivial. So if we've done the hard part, the easy part is _definitely_ going to be done. There's no doubt about that.
States, companies that can convince the state that they somehow need the data (cough insurance companies) will, I repeat, WILL utilize it. And now, suddenly your premiums for this month have gone up cause in that ski trip you took last weekend, a camera noticed the lack of headgear for about 5 mins. That's the kind of risk the insurance company cannot take. Pay up.
Good luck trying to advance science by avoiding to invent anything that can recognize image!
In the case of the mass-shooting prediction: Good luck proving that it is accurate enough to legitimize punitive consequences for the suspected perpetrator, and without violating a half-decent democratic constitution.
Some of the predictors are in themselves crimes, and picking those up would justify correctional measures, no problem. Schools and police also need to get a lot better at picking up and handling mental health problems, be it through algorithms or smarter laws and procedures. Make it easier for the mentally ill to get medical help than to buy an assault rifle, for starters.
It is actually be pretty trivial to legislate restriction of these devices. We do that all the time.
edit: Especially on planes where shampoo-technology is pretty much outlawed...
And image recognition happens completely in silicon. There is no way to know from the outside if a device is recognizing patterns in image data, much less differentiate between recognizing faces or dog breeds.
And of course, storage and utilization of personal data is a lot easier to regulate in a way that can be enforced. That's the main premise of the GDPR legislation, by the way. Of course, criminal and negligent businesses can totally abuse your personal data, often without consequences. But they can't do so legitimately and they don't have access to the legal and open economy.
Even Facebook and Google are feeling the pain already. They do violate some laws some of the time and they have a hard time hiding that, because hiding it requires criminal intent itself, and it's really hard for hundreds of people to keep such secrets, regardless how profitable.
> The former is a technological reality. It's impossible to legislate away devices who can do that[facial recognition].
Please explain that statement, as it seems like total nonsense to me. My point about explosives is that just because something is "a technological reality", or that there's no way to physically prevent people from implementing something, that in no way makes it immune from legislation. We can legislate whatever we want.
Here's a law which would make it impossible for JetBlue to implement this system:
"No organization shall be permitted to use an automated system to identify individuals using an image of their face."
2. I think you're missing the point with your larger argument. It seems as if you are saying: we should not be concerned about JetBlue's use of this technology because this use-case in particular does not constitute the dystopian Orwellian potential of facial recognition technology. The point is not that this is the use-case which crosses that line, the point is that it is a big step in that direction, and has happened without a public discussion of where exactly the line should be.
3. You say w.r.t. GDPR:
> Of course, criminal and negligent businesses can totally abuse your personal data, often without consequences. But they can't do so legitimately and they don't have access to the legal and open economy.
That's an argument in favor of regulating facial recognition technology itself isn't it? We can allow the technology to be normalized, and just hope everyone is following regulations about not abusing access to our personal data. But given what has been revealed about PRISM and other government spying programs, it's hard to imagine that such data would not be abused if it existed. On the other hand, we could agree not to make facial recognition a part of our daily lives, or to put very careful boundaries around its use, and make it that much harder for it to be abused.
If you live in a town and there’s a couple security guards or even cops that can recognize you, that’s pretty normal.
If there were thousands of private security guards as well as cops hired by the government stationed all around you, in every part of your life, gazing at you from every corner, and they had all been trained to recognize you, and every time you walked by one they whipped out a notepad and took detailed notes on what you were doing, you’d freak the fuck out, justifiably.
And if you are not able to stop them from doing that, may I suggest you have a bigger problem with your government or the security guards than being tracked by them?
Again: Tracking personal data is regulateable, facial recognition technology is not.
And the mere act of checking the identity of a person for legitimate access control purposes is no unreasonable infringement on privacy.
Worse would be accepting someone who isn't allowed to board, but such things are easily mitigated.
The potential to be mistaken for a wanted criminal has always been real. Facial recognition may even be more accurate overall in that regard. But it's nothing new. Drug sniffing dogs have false alarms all the time, some even cheat intentionally. And police officers better not shoot someone on sight when they recognize them from a mugshot.
What if this information is used to blacklist people who take advantage of hidden city flights using sites like skiplagged? You start off blacklisted by one airline, but they might have a database-sharing deal amongst them that’s presented to the user in TOS saying that it is a “cost-saving, fraud prevention program”.
What if different carriers of different kinds of transportation start sharing the same database and synchronize in minutes? You might show up at the airport, get denied boarding for your flight for a reason you know how to fix, but then your Uber app denies you a ride because your face now matches their updated passenger blacklist database?
Yes, these last two examples are contrived, but the technology is clearly there to hook it all up. Do we now need a to visit the local police station or some kind of PII credit bureau just to ensure that our record is clean and our identity has not been stolen?
The EU government is already combining the biometric databases of its member states as seen here , so this sharing is starting to take place more openly.
If Apple is violating the law, you can sue them. If the Chinese government tracks your movements, well, that's probably the least of your problems with the Chinese government...
But, yes - terrorism and the children.
We know facial recognition is not that fair.
Makeups and hairstyle sometimes affect the result..
It is particular bad for dark skin color: Part of it is poor training data set. Another part of the problem is lower contrast in photo (need better lighting / extra infra-red channel).
For example if I were to walk into Starbucks and they say "hi $adult how is $child", and then i ask how do you know that. The reply is we got that info from the DHS. Yes, very creepy.
When technology and law enforcement cross paths, I'd argue we'll be better served by placing the burden of proof on proponents of the new tech instead of on those spooked by it.
Is facial recognition actually able to do this? Does matching images by a machine prove it is me?
People were flying without any photo ID until just a few years ago (except internationally). We’ve given up so much freedom & so much of what made air travel fun in exchange for so little.
We need to stop letting people scare us into giving away our freedoms.
Arguably it's merely been taken from us. There are plenty of who object, and the TSA is wildly unpopular. That makes little difference to the fact that the pace continues ever further. I don't mean to be defeatist, but I don't think a sternly worded letter has ever made much of a difference, and probably won't in the future.
The only caveat is that when REAL ID takes effect and entire states full of people (e.g. Arizona) simply cannot fly, maybe enough complaints will be generated to come to some compromise. I'm not holding my breath, though.
https://www.dhs.gov/real-id shows Arizona in green.
That said, the experiment hasn't really been done. Can a politician campaign on restoring the dignity of the American public? Can a politician convince people that security theater is real and really harmful? I would guess not, but I would be glad to support whoever that is.
I do the latter and will just continue to do so. shrug
It doesn't seem all that scary if everyone's doing it. Just look at the use of facial recognition in the movie Coco. They could have made up any magic to stop Hector from leaving, but Disney decided to teach kids that having your faced scanned when going through security is totally normal.
Planes were hijacked all the time, and back then they weren't nearly as many planes as now. 
> so much of what made air travel fun
It's not supposed to be "fun", flying isn't a right, it's a privilege that enabled mass tourism which is an ecological and cultural plague. People take easyjet/ryanair like they take their cars to go grocery shopping, Berlin, Paris, Rome, &c. are now hell on earth.
Free movement is a right in the EU BTW
Deezer/Jump/OFO/Mobike/DonkeyRepublic bikes everywhere, now they even started using electric scooters, parking them in front of monuments, in the middle of the already small sidewalks, on the road (??!)
You can't go to museum/parks/monuments/local biergarten.
Public transports can't keep up. Even worst, roads can't keep up (uber + car2go + taxis everywhere)
Half of the flats in touristic areas are aribnbs, artificially increasing local prices + kicking local people out.
Artificially increases restaurants / bars prices.
I don't even get how tourists are having fun, it's literally like queuing in Disneyland to see/do the most basic things and take the same pictures as everyone else. I saw hundreds of people queueing for 2+ hours for a famous burger / kebab place, if that's what you consider "fun" and "freedom" ...
> how come you think free movement is a privilege
Never said that. Now that people can buy a Paris<>Berlin tickets for the price of a restaurant they go enjoy their mindless 3 days of paradise, wreak havoc on the locals, and move to their next destination. It's just like freedom of speech, when abused it starts to get nasty.
> When culture becomes nothing more than a commodity, it must also become the star commodity of the spectacular society. - Guy Debord
> Ideology, information and > culture < tend more and more to lose their content and become pure quantity. - Raoul Vaneigem
> you would like to have active and passive citizens ?
No, just informed and non destructive tourism. The number of tourists coming to berlin, for example, doubled in 10 years, the infrastructure almost didn't change in the same time. 3.5 million inhabitants, 14 millions annual tourists. Every single month of the year: 40%+ of the population is made of tourists.
 edit: 13.5 million guests, 32.9 million overnight stays.
Instead of shaking your fist at airplanes flying overhead, maybe try increasing the hotel tax and cracking down on AirBnBs.
Of course, you'll probably encounter opposition to this because some locals are making a great deal of profit.
Going to go out on a limb and say that preferring to be biometrically screened at an airport than incarcerated or dead isn't an irrational phobia of the latter either...
I don't disagree that our freedoms are being eroded but what exactly was more fun about air travel 5 years ago that isn't still today?
You can still do this:
I had to do it once and just barely got through. They had to phone in and then ask me several questions that were rather ambiguous. Sort of like credit check questions but with some other strange stuff mixed in. The only specific question I remember was they asked me to name any churches or schools nearby my home address.
Then I had to get a very invasive patdown and they had to take every item out of my bag and check them all individually.
(You are required to carry ID when visiting another Schengen country, but it is not checked by airports like for extra-Schengen flights)
Scaring the public is worth billions of dollars to businesses selling this crap to the government. It won't end as long as it basically prints money.
Sidenote: entering/exiting both Aus and NZ recently, immigration checkpoints in both countries did appear to make extensive use of facial recognition.
Given the somewhat-recent studies which show that the vast majority of border guards (unless they happen to be "super-matchers") have a 1/7-or-worse failure rate when trying to check a person's passport photo, I think it's quite understandable to do the facial recognition electronically.
But such a system should only be used for immigration purposes (where identity verification is very important to get right), not for getting onto a plane or just coming into the waiting areas of domestic airports.
I'm actually quite happy with the facial recognition cameras at the Australian border - they make things a lot faster than they used to be from my experience.
That's why we added the metal detectors. Reinforcing the cockpit doors may have been an okay response to the events of 9/11 and potentially would have been sufficient to prevent most major terrorist attacks that seek to use the plane itself as a weapon rather than merely destroying it. (Also people will generally gang up to attack hijackers now rather than just remaining calm and letting them fly the plane elsewhere. Which sufficiently changes the dynamic.)
I remember the first time I encountered a metal detector at an airport (my parents were concerned that it would terrorize us kids but I just thought it was interesting). Before then we just walked onto the plane, like boarding a train.
It's not 100% ID-free though: AFAIK they are permitted to check ID, and they do it randomly.
Can I ask what countries you fly in? I fly frequently within the European Union and I am a EU citizen. However, even for flights between the Netherlands and Germany I have to enter my ID details during check-in and it's checked multiple times throughout the trip.
It's not just random checks, but it seems mandatory. When you drop off the luggage they ask for your ticket + ID. When you board the plane, they again ask for your boarding pass + ID. The exception is large, modern airports such as Munich where you simply scan your boarding pass when boarding the plane.
How do you do this? Do you just refuse?
I have definitely also flown from Germany to Italy and back without ever showing ID. I can also recall flying from Germany to Shiphol without ID, but I can't recall whether I was controlled on the return flight.
And how well did that end up?
Remember "back in the good old days" when 30+ highjackings a year was normal?
> And how well did that end up?
With no more serious problems than have been seen under the new regime over a much longer period than the new regime has been in place.
> Remember "back in the good old days" when 30+ highjackings a year was normal?
Well, no, not literally, because I'm under 50. But I do remember the much lighter than the current regime security checks that were put into place which ended that, and reduced the base rate of security incidents so low that it's nearly impossible to detect whether the much more intrusive current measures have any added effect.
Maybe this is unrelated, but it's starting to feel like every bad accident in this world is affecting us in this very strange way. For example, I was very surprised to find that Sri Lanka cut everyone off from social media "just like that". To think there are people with this kind of power seems a little frightening to say the least.
But, what's even scarier is that these bombings and 'tragic' events tend to steer us in a very controlling direction. All of a sudden the government has an incentive to enforce more control over its citizens and society as a whole.
> The pattern of responding to threats by curtailing rights began early in American history. In 1798, when the future of the country was in doubt, Congress passed the Alien and Sedition Act, which made it a crime to falsely criticize the government or government officials—men were sent to prison for speaking ill of certain individuals and decisions.
It's not sudden at all. The Reichstag fire  and the Reichstag Fire Decree , which is probably reasonably described as a pivotal part of the rise of Nazi Germany, demonstrate exactly the incentive you describe.
At least as far back as 304 AD  - and probably further - people in power have noticed that they can exploit this incentive structure with a "false flag" attack.
* 0 https://en.wikipedia.org/wiki/Reichstag_fire
* 1 https://en.wikipedia.org/wiki/Reichstag_Fire_Decree
* 2 https://books.google.co.za/books?id=RDqyIcSLJ0AC&pg=PA164&lp...
I think a temporary ban on social media is appropriate to mitigate such violence in the immediate aftermath of such a terrible attack.
Immediately after the right-wing terrorist attack in Norway people thought it was committed by Muslims. Some people began utilizing the attack to blame Muslim immigrants. Some incidents of violence and verbal attacks have been reported.
So, in the particular case of the Easter Sunday attacks in Sri Lanka, I'm not yet ready to judge the government action/inaction.
The ongoing "global war on terrorism" is no exception.
In my opinion, this is one of the few applications where it actually makes sense.
Sloppy security personnel is not something you address with tech, you address that with training and incentives.
To imagine it a bit more viscerally, imagine instead that the system had no cameras and instead required you to submit your daily movement report at the end of each day. An agent walks from door to door and you hand him your written report of exactly what you did today and that gets entered into the Government Saftey and Oversight Commission Database. What are they going to use all that data for? There are only a handful of good reasons, but a disproportionate list of bad reasons that explicitly limit freedom.
Second to that. Would you be as comfortable going to a strip club or a fringe political gathering or a conference for a controversial topic if you knew you had to put it in your report? It has a chilling effect on freedom of movement and pushes fringe activities that are perfectly safe and legal into the darkness.
Ubiquitous facial recognition fills in all of this missing data well enough, and without you doing anything but walking out your front door.
Passports already store biometric data, which I assume is also stored in some government database when you have it issued, so I don't see what's wrong with using that for something useful.
If you feel safe with those folks driving the direction govts are headed ... well..
Yes, me. All of them will already be used to being hounded by paparazzi, and it would be very human for them to mistake that for normal. Two of them (Facebook and Apple) already use face recognition in their products.
>US wants to use facial recognition on air travelers leaving the country
The US is kind of unique in that it doesn't have immigration officers who stamp your passport when you leave ... so you have no proof that you have left ... it also means that there are no transit lounges in the US, you can't land in SFO from say Australia and get on a plane to London without passing through US customs and spending time and money getting a US visa (even an ESTA takes time and money)
At the moment the US depends on airlines to get it right, it used to be that when you arrived they stapled a green bit of cardboard into your passport, sometimes the airlines would forget to collect it as you left, or lose it and people would end up getting arrested when they come back (a night or two in the cells and thrown on a plane back home). For a while there were kiosks in the departure lounge. Now days it's done electronically, and they still get it wrong occasionally, the error rate however is probably way below 3% at the moment.
The horror stories from people caught this way mean that people from Oz/NZ often prefer to travel to Europe the other way around rather than risking US travel
There is a huge potential to harass people using such technologies, particular such people whose complaints are most easily ignored. But that is more of a problem of holding the government accountable for such behavior in general, rather than trying to stop them doing their arguably necessary job in this particular instance.
I'm generally against regulation or restriction of migration, by the way. But I'm also in favor of the authorities having a general idea who's coming and leaving.
I mean, going via the US is 6 hours longer compared to going via Asia.
Sydney > Dubai > London is ~23 hours. Sydney > LA > New York is ~23 hours, and then another 6 to get to London.
> "Once you take that high-quality photograph, why not run it against the FBI database? Why not run it against state databases of people with outstanding warrants?"
I actually have no issue here. I would love it if law enforcement is aided in doing their job. I really don't want someone evading arrest for a recent violent crime or a person on the FBI's wanted list trying to board an aircraft with other passengers and succeeding.
My issue is transparency on the data governance, security, and data residency of the entire system viz. where it's stored, who has access, and how is it accessed.
OK equates to only the government having the database, secure access done remotely via API by the airline at check-in and boarding, a human present to verify any anomalies with the facial recognition & records access, and the boarding pass/ID/PP being used as a second factor if necessary.
NOT OK equates to a private company running a central database, local copies of any database being stored by any airline, having facial recognition as the only option available, and having the data shared with any entity other than law enforcement.
If a private company uses some database, especially a centralized/government database, to do the same task - then it's absolutely dystopian.
- The identification step should be completely anonymized. I.e. the facial recognition step is completely black-box. When I buy my ticket, I submit a photo, and a token is produced which is shared with the airline, and they can compare this token with one which is produced when I show my face at checkin. Like with password storage, even if the facial recognition dataset were somehow compromised, it should not give attackers a way to link my face with my identity. And it should not be possible to type in my name and get to pictures of my face.
- The dataset used to identify me should have a finite lifetime (i.e. from when I check in until the plane takes off) and should be verifiably destroyed afterwards.
- It should be possible to possible to opt-out and identify myself by other means.
This type of biometric check of "the person dropping the bag is the person boarding" has been in use for more than a decade e.g. on Scandinavian, and I think it's basically fine if they use temporary and secure data storage.
The biometric verification didn't take place at all if you didn't check in a bag.
I've often thought that border control has the best time lapse of me aging
Edit: those under investigation, warrants, or charged with crimes are not elligible. Neither are those with passports from outside major US allies (India Colombia UK Germany Panama Singapore Korea Switzerland Taiwan Mexico Canada)
Edit: looks like this in MIA? https://www.cbp.gov/newsroom/national-media-release/global-e...
Planes can make you and your whole family burn in a crash. So I guess that makes you cry really hard every time you board a plane, because that is really horrible.
It could also be attacked by terrorists, but that probability is even lower by a few magnitudes. But since you already cried a lot, you just had enough and had to implement a huge dragnet? This makes so much sense!
edit: I wish I could underline words on HN to underline the magnitude of magnitude.
I’ve seen good setups for this like at the UK border. This is not the same.
Almost everyone got rejected and got looked at by staff, especially black people who the machine seemed incapable of recognizing. Children? No chance.
I get it, there are privacy concerns which should rank higher, but you don’t even need to pull them out here. This is just useless bad tech.
I was just going to say I've done this in the UK. You put your passport on a scanner and look into the camera, took a full 5 seconds though, but since there are many more of these than border guards it's still faster.
I think at Gatwick in the UK they have a similar system where they take a photo of you as you enter security and it is then checked again at the gate. It does not work well if you are wearing glasses.
I wonder if some certain styles of eye wear would make facial recognition significantly ineffective? Highly unsymmetrical with lenses opaque to IR etc.
But I'm not sure how far they'd get even now. I'm guessing that checks on do-not-fly etc lists might already flag hem.
Of course, the security of actual boarding passes seems extremely flimsy compared to the rest of airport security. The airlines could just take a picture and do no more verification at all, and wind-up with current security.
I can see that they might want to know that each passenger has paid for the seat but that’s about it.
There are some high-standard modern terminals in the US too though.
But still the standard in Europe seems higher in general than North America.