Menus Subscribe Search

The World Wide Web

online-surveillance

(Photo: Maksim Kabakou/Shutterstock)

Do You Own Your Identity Online?

• April 04, 2014 • 10:00 AM

(Photo: Maksim Kabakou/Shutterstock)

The European “right to be forgotten” could help protect U.S. citizens against blanket data surveillance.

Facebook announced late last month that it had made a leap forward in its ability to identify faces in the photos published on its platform. Their software could match the same face in two different pictures with an accuracy of 97.25 percent, “closely approaching human-level performance,” according to the company’s report. The human rate of accuracy when identifying faces is 97.53 percent, just a few tenths better than Facebook’s algorithm.

This means that if the social network’s database has your face connected to your name—and, with more than 1.3 billion users and over 250 billion photos as of last year, it likely does—it can scan friends’ photos and tag you. On the surface, the system is routine and convenient: No longer do users have to manually input names when uploading a new photo. But does it strike anyone as strange that Facebook is trumpeting its ability to dissect your photos, as if a security guard is carefully scanning each party pic you post for readable data?

In the Internet era, our personal identities are fractured into many parts. We can be identified by our social media accounts or our phone calls and Web browsing histories, as Edward Snowden’s National Security Agency leaks underlined. And then there are the less mutable aspects of our identities: We can be tracked by the appearance of our faces, as on Facebook. As technology improves, we should be thinking about how surveillance can be applied to these latter qualities as well as the former.

Perhaps our primary concern should not be the collection of data, but how and why it is accessed and how long it survives.

As mundane as that assertion sounds, surveillance of physical data is becoming increasingly important, and not just for providing CSI plot points. Our data—whether physical or virtual, or physical and virtual—identifies us as individuals and is inextricable from our daily lives. Yet even in this time of mass surveillance, the legal structures around how we control our identities are more vague than ever.

The NSA’s own surveillance programs do have certain legal checks in place to protect those whose data it collects. The problem is, those confidential boundaries have never been examined under public scrutiny.

With surveillance programs like PRISM, the agency doesn’t need warrants to collect the data (including browsing history and phone call metadata) of U.S. citizens because it’s too difficult, it was determined, to gather massive amounts of information while filtering out targets from a specific region. Leaked documents (via ProPublica) call this the “limitations on NSA’s ability to filter communications.” If the data the NSA gathers turns out to be from a domestic U.S. citizen and doesn’t contain relevant information, it must be destroyed “at the earliest practicable point in the processing cycle,” though the domestic communications can still be retained for up to five years.

In the past, the Supreme Court has ruled such mass collections unconstitutional, but the U.S. laws governing data collection and surveillance have been loosening over the past decade, as this timeline clearly shows. A legal initiative in Europe, however, would have slowed the PRISM program down and given individuals more control over their data.

The “right to oblivion” (le droit à l’oubli) or “right to be forgotten” is a privacy measure put in place by the European Commission that allows Internet users to choose which of their data survives online. It has been defined as “the right of any individual to see himself or herself represented in a way that is not inconsistent with his/her current personal and social identity.” The law asserts an individual’s right to their online persona: If you tell Facebook to remove certain unflattering photos that you uploaded, the company is legally obligated to delete them.

In Italy, the first landmark right-to-oblivion ruling in 2012 established a precedent to an individual’s right over online information. A well-known figure who had been arrested for a crime sued a major newspaper to take down stories that failed to report their eventual acquittal. After an appeal, the court found that the newspaper had to “devise a suitable method to provide … an update to the original news,” according to Lexology.

Other cases underline the difficulty of managing online information. A Spanish camping company sued Google Spain because the search engine displayed gruesome images from a gas explosion that had occurred near the campground (the company was not at fault). The company argued that the images were damaging their business, but the case was dismissed on the grounds that as a subsidiary, Google Spain wasn’t liable to be sued. Google faces other cases from individuals requesting the removal of personal data, which is more specifically targeted by the law, rather than business information.

The right-to-oblivion law has been accused of overreach by the Stanford Law Review. It encourages micro-management of online identity and allows abusers of the law to forcibly remove any information they might find simply embarrassing or unflattering from the Internet, as opposed to information that represents an actual overreach by journalists, businesses, or the government. Yet in the context of the NSA, this kind of law could enforce the ephemerality of sensitive data used in identity surveillance and allow individuals to manage the persistence of personal information.

Perhaps our primary concern should not be the collection of data, but how and why it is accessed and how long it survives. The NSA documents show an enforceable length of time that collected information can be held (whether that is followed or not is another question), but private companies and other areas of the government lack the same strict guidelines. Future regulation must cover both the kinds of data that can be gathered and if they can be stored.

The issue of data collection is particularly relevant in the case of Facebook. When the website suggests that you be tagged in a photo, what it actually does is compare a pre-created quantified dataset of your face to the newly uploaded image and measures how closely you match the identifiable subjects. Facebook keeps individual face templates in its databases to use over and over again.

Yet that template, if requisitioned by a group like the NSA, can be used in other contexts to identify an individual; in security camera footage, for example. Though it offers its users a chance to opt-out, Facebook is creating a database of identifiable faces en masse, and is already using them to improve its identification technology.

There is no legal ruling about the protection of face identification in the U.S., but there are other cases that could provide recourse if Facebook’s data were to be unreasonably used to identify a criminal by face recognition, for example. What most closely resembles mass face-data gathering are DNA dragnets, the widespread collection of DNA data to solve crimes like rape. Often, police will collect DNA samples from an entire population—the town the crime took place in, for example. But are they allowed to keep the samples to compare against in future cases?

A 2013 Supreme Court ruling found that DNA evidence can legally be collected from someone who has been arrested in connection with a serious crime, suggesting that even those mistakenly arrested or who are not ultimately found guilty are liable to be entered into a DNA database. Other cases reinforce the ephemerality of passively collected identity data.

In 1995, Michigan resident Blair Shelton was pressured into giving a genetic sample in connection with a rape case. When the testing freed him of suspicion, Shelton successfully sued to have his DNA information destroyed. The Michigan Supreme Court finally ruled, “state law says that police cannot keep DNA records of innocent people.” That edict should also apply to digital records.

How data is kept is just as important, if not more, than how it’s collected—a lesson we can take from these examples and apply to blanket NSA identity surveillance. While opting-out is currently an option on Facebook, it’s certainly not for government agencies.

The utopian promise of the Internet is that it’s a free hub for information, where the more data you give away the more benefit you receive in the form of discounts, targeted ads, or community membership. But rather than giving away information wantonly and waiting for legal structures to come into place, the question in the coming years should be how can we can control our identities more, not less. Laws like the right to be forgotten should provide tools to assert this control.

Kyle Chayka

A weekly roundup of the best of Pacific Standard and PSmag.com, delivered straight to your inbox.

Recent Posts

September 16 • 12:00 PM

What Makes You So Smart, Brilliant 12-Year-Old?

Charles Wang is going to rule the world.


September 16 • 10:09 AM

No Innovation Without Migration: The Harlem Renaissance

The Harlem Renaissance wasn’t a place, but an era of migration. It would have happened even without New York City.


September 16 • 10:00 AM

A Law Professor Walks Into a Creative Writing Workshop

One academic makes the case for learning how to write.



September 16 • 7:23 AM

Does Not Checking Your Buddy’s Facebook Updates Make You a Bad Friend?

An etiquette expert, a social scientist, and an old pal of mine ponder the ever-shifting rules of friendship.



September 16 • 6:12 AM

3-D Movies Aren’t That Special

Psychologists find that 3-D doesn’t have any extra emotional impact.


September 16 • 6:00 AM

What Color Is Your Pygmy Goat?

The fierce battle over genetic purity, writ small. Very small.



September 15 • 4:00 PM

The Average Prisoner Is Visited Only Twice While Incarcerated

And black prisoners receive even fewer visitors.


September 15 • 2:00 PM

Gambling With America’s Health

The public health costs of legal gambling.


September 15 • 12:23 PM

The Scent of a Conservative

We are attracted to the body odor of others with similar political beliefs, according to new research.


September 15 • 12:00 PM

2014: A Pretty Average Election

Don’t get too worked up over this year’s congressional mid-terms.


September 15 • 10:00 AM

Online Harassment of Women Isn’t Just a Gamer Problem

By blaming specific subcultures, we ignore a much larger and more troubling social pathology.


September 15 • 8:00 AM

Atheists Seen as a Threat to Moral Values

New research attempts to pinpoint why non-believers are widely disliked and distrusted.


September 15 • 6:12 AM

To Protect Against Meltdowns, Banks Must Map Financial Interconnections

A new model suggests looking beyond balance sheets, studying the network of investment as well.


September 15 • 6:00 AM

Interview With a Drug Dealer

What happens when the illicit product you’ve made your living off of finally becomes legal?


September 15 • 4:00 AM

A Feeling of Control: How America Can Finally Learn to Deal With Its Impulses

The ability to delay gratification has been held up as the one character trait to rule them all—the key to academic success, financial security, and social well-being. But willpower isn’t the answer. The new, emotional science of self-regulation.



September 15 • 2:04 AM

No Innovation Without Migration: Do Places Make People?

We know that people make places, but does it also work the other way?


September 12 • 4:00 PM

Life, Liberty, and the Pursuit of Plastic Bags

California wants you to pay for your plastic bags. (FYI: That’s not an infringement on your constitutional rights.)


September 12 • 2:00 PM

Should We Trust the Hearts of White People?

On the 50th anniversary of the Civil Rights Act, revisiting a clip of James Baldwin on the Dick Cavett Show.


September 12 • 12:00 PM

Big Government, Happy Citizens?

You may like to talk about how much happier you’d be if the government didn’t interfere with your life, but that’s not what the research shows.


September 12 • 10:00 AM

Whispering in the Town Square: Can Twitter Provide an Escape From All Its Noise?

Twitter has created its own buzzing, digital agora, but when users want to speak amongst themselves, they tend to leave for another platform. It’s a social network that helps you find people to talk to—but barely lets you do any talking.


September 12 • 9:03 AM

How Ancient DNA Is Rewriting Human History

We thought we knew how we’d been shaped by evolution. We were wrong.


Follow us


3-D Movies Aren’t That Special

Psychologists find that 3-D doesn't have any extra emotional impact.

To Protect Against Meltdowns, Banks Must Map Financial Interconnections

A new model suggests looking beyond balance sheets, studying the network of investment as well.

Big Government, Happy Citizens?

You may like to talk about how much happier you'd be if the government didn't interfere with your life, but that's not what the research shows.

Give Yourself a Present for the Future

Psychologists discover that we underestimate the value of looking back.

In Soccer as in Art, Motifs Matter

A new study suggests a way to quantitatively measure a team’s style through its pass flow. It may become another metric used to evaluate potential recruits.

The Big One

One in three drivers in Brooklyn's Park Slope—at certain times of day—is just looking for parking. The same goes for drivers in Manhattan's SoHo. September/October 2014 new-big-one-3

Copyright © 2014 by Pacific Standard and The Miller-McCune Center for Research, Media, and Public Policy. All Rights Reserved.