I used to think some of my peers were being overly cautious by purposely trying to obfuscate their online profile. Back in the day, I couldn’t care less about putting in effort to try to protect my online privacy. I have slowly but surely come to see the light. Now it’s at the forefront of my mind at all times.
Learning about this company (and I imagine other unknown entities are doing the same) has encouraged me to get more aggressive.
I think I will start to try some shenanigans I learned from a friend. I plan on replacing my online profile pics to a random grab from https://www.thispersondoesnotexist.com/. Might not make much of a difference for the old stuff, maybe I can successfully request a data deletion as the article suggests. At least it will introduce a little bit of noise to the AI overloads :)
I grew up with the "don't use your real name on the internet" in the back of my head, this was before kids got internet safety classes.
5-10 years later, Facebook came up with their real name policy and started asking people to snitch on their friends if they used a fake name. Google, and mainly Youtube, came with a real name policy as well, on the one hand for Google+, but on the other to try and fight comment abuse - theory being people are more hesitant to be a dick on the internet if they use their real name.
But people got used to that real fast, and since there was little consequences anyway, it didn't work.
People have valid reasons to use a fake name on the internet; government and business surveillance is a big one. Abusive / stalker exes are another. Having an alternate persona (e.g. entertainers, authors) which people are trying to hide from their un-understanding or abusive family, or society at large.
I too am extremely opposed to any and all non-consenting invasions of digital privacy (i.e., the problem isn’t the known-known of what you upload, but the hidden implications of it), but on the contrary, I make a disciplined effort to make my digital fingerprint reflect my actual views and identity. Whatever time capsule my digital identity ends up in, I want to be as accurate and beautiful as possible.
This includes my avid support of corporations which make good faith efforts to defend natural rights and freedoms, and my vehement opposition to corporate/political nonsense that does not represent, in good faith, the interests of humanity and nature. “A reasonable amount” of surveillance is an essential aspect of society, but it SHOULD be considered invasive, and should never be invisible. I suspect that there will be BS metrics to evaluate how “consenting” a given individual is to NSA/Clearview type behavior, and I would hope that I am casting a shield of protection. I feel bad about the fact that an element of bitterness is necessary to be resilient. I know no other way than truth.
I truly act as if AI is learning from me, and believe that there are long reaching and metaphysical effects to all actions.
Thank you for sharing this viewpoint. Your end goals are admirable. I will seriously consider adopting your strategy.
Obviously, I'm using a nym. Because I've wanted to my life to be faceted. I've lived very publicly before (ran for office). But in geekdom, I didn't want people to casually correlate my politics (activism) with my open source efforts.
Just for the record, the journalist who broke the story on Clearview noted that Clearview AI has specifically demonstrated it isn't fooled by thispersondoesnotexist.com:
They might have already scraped all of the faces on that site. They aren't generated on demand so you conceivably scrape the entire database of fake people and tell the algorithm to ignore anything matches them. Then, the algorithm would just treat any photos of a person that doesn't exist that it finds in the wild as it would if you have no profile pic. It might fool a person or an AI not trained on those pictures. Another option is to generate your own people that do not exist and use those images. This could work as long as Clearview isn't doing some sort of image analysis to look for telltale signs of AI-generated faces. You could start photoshopping fake faces onto your real pictures in an effort to blur the line between AI generated pictures and real pictures.
He thought giving them a fake face would gum up their search quality and ability to resolve him. I'm saying it would basically be a null-photo to Clearview.
It's the fact that it returned no matches, that indicates it isn't fooled. If it were fooled, it would have associated those faces with the accounts that use them (assuming anyone is using the, which they probably are).
By returning no accounts, it demonstrates their AI isn't using those faces for identification.
In that case, how about the opposite strategy? Take your own picture and a GAN with a latent space feature (i.e. a thispersondoesnotexist that lets you decide age, gender, etc.). Then set the parameters so that you get a picture of yourself. Upload this picture to social media and watch Clearview ignore it, while you still look like you to humans.
I was thinking something similar. Maybe with some randomization to it, so different profiles across (social) media wouldn't link together through Clearview et al. but still all look like you to humans.
You may be surprised to learn that your face is your least identifying trait online. You network of friends/followers/likes identifies you far more readily—even if you use a random username.[1]
Managing your privacy is a lot like CPU side channel attacks. It forces you to re-evaluate your fundamental assumptions about what information can be exploited.
Replacing pictures wont help (they already have them), GDPR request for deletion might work better but on the other side you also give them your confirmed identity. With companies as shady as this one, they might just set a flag in their database and add your documents data to them.
As you have figured out on your own, public should listen to some people warning about this for more than decade instead of making fun from them (tin foil hat,...).
And if anyone thinks that google and facebook are not having their own versions of clearview, think again. Any form of online presence under real name has to be minimized and it is doable but this would mean that all personal narcissistic pushes would need to be stopped (or should I say - cured) and refrain yourself from using any personal information (no, you wont secure my account by having my phone number, provide me TOTP if the security is really the reason) on the internet while avoiding it beeing stolen by apps (application firewalls, sending back fake data and not using any google applications including removing their preinstalled spyware by rooting the phone).
I can guarantee you that you wont be missing anything relevant (I am doing it for more than decade). But. Will you do that? Can you do that? Do you want to do that? Most people just rather take blue pill.
> With companies as shady as this one, they might just set a flag in their database and add your documents data to them.
This is exactly my fear. If they were more legitimate, I wouldn't be worried about sending an ID card. Thinking if it makes sense to fake an ID with my real picture on it so they can give me the data and 'delete' it but with a fake name to make sure I'm at least not feeding the troll.
Dumb question - how can anyone be sure that companies actually delete the data? What about the backups, what happens to the data there? How do these govt enforcers verify this? Also, what about Clearview's employees abusing the data? what stops them from snooping on someone they are interested in?
It is actually not stupid. Nothing stops them except a liability for a hefty fine if they are cought. In same manner as nothing stops criminal from stealing your car. But there might be a jail sentance that deters him from doing it. Some cars will be stolen, some criminals cought and jailed.
Sure, car has locks. It is preventive measure. Same as not uploading your personal data/pictures/... to "public" servers.
Your peers were being rational, but it's a drop in the bucket. I've come to the conclusion that privacy can only be protected with legislation. There is too much surface area to protect for the average person to police their own data trail online. Even experts have a tough time doing it. You'd have to abstain from virtually everything, and even then you can't keep other people from posting you, tagging you, etc.
This isn't a technical issue. It's a political issue.
Starting in the early 90's, 'everyone's a dog on the internet', so my profile pics were dogs. One buzzed evening, I changed a few to Fabio. Good luck, Fabio,
Learning about this company (and I imagine other unknown entities are doing the same) has encouraged me to get more aggressive.
I think I will start to try some shenanigans I learned from a friend. I plan on replacing my online profile pics to a random grab from https://www.thispersondoesnotexist.com/. Might not make much of a difference for the old stuff, maybe I can successfully request a data deletion as the article suggests. At least it will introduce a little bit of noise to the AI overloads :)