The secretive facial recognition database ripped straight out of dystopian fiction, Clearview AI, was the victim of a massive security breach.
We briefly highlighted the semi-legal nature in which they compile your faces in our article covering the murky gray areas surrounding facial recognition tech. Since that article — and their emergence from the shadows — Clearview AI became a hot topic. Evidently, they also became a target.
What exactly got hacked?
While many may be worried that their personal data is in the hands of hackers, as of now it seems as though the target of the attack was not the database of images and facial nodes, but Clearview AI’s client list. The list, which was obtained by Buzzfeed News, shows that Clearview has been deceptive once again.
That list of clients shows that the company is seeking opportunities far outside the scope of local law enforcement as they have previously claimed. While it had been disclosed that police departments across the US and Canada have used the technology, it is somewhat surprising that the federal government has gotten involved with the start-up as well.
US Immigration and Customs Enforcement, also known as ICE, are on the hacked client list. Customs and Border Patrol (CBP) are as well, in addition to members of the FBI and Interpol.
ICE and CBP have made approximately 8,000 and 7,500 searches respectively. Between the two agencies, it seems that the US Department of Homeland Security are big believers in Clearview AI, which makes the hesitancy from the presidential administration to put sweeping facial recognition technology regulations into effect a lot more understandable.
It is Not Just Big Brother Watching You Anymore; It is Everyone.
Enabling global government oversight may be a noble cause if the intentions were solely to combat criminal activity. Clearview CEO Hoan Ton-That said in an interview that the technology is “strictly for law enforcement.” He also told Buzzfeed News that Clearview was “focused on doing business in USA and Canada.” The rest of the leaked client list shows that this is not the case.
Entering the world of Minority Report, we see that Macy’s, Best Buy and the NBA are all involved with Clearview AI and their facial recognition technology. It is unclear exactly why retail and entertainment companies would be using the tech. Perhaps it is to combat shoplifting, or for researching their consumers, or maybe even targeted advertising. What we do know is, Macy’s seems to be a fan of the technology, conducting more 6,000 searches with their paid subscription.
In addition to the crossover from international law enforcement agencies and governments to private corporations, another major revelation of the hack is Clearview AI’s ties to Saudi Arabia and the United Arab Emirates. These oppressive regimes now have access to technology that would enable them to conduct human rights violations in the way that the Chinese government is tracking and suppressing the Uighur population.
No One Wants to Admit Using Clearview AI Tech
Many companies and institutions have distanced themselves from Clearview AI, and they have been able to do so due to varying degrees of plausible deniability. While some of the clients on the leaked list are paid subscribers, others are using free trials.
Some organizations have not signed contracts partnering up with Clearview AI and their use of the technology has been done by individual employees or departments within the companies. It should be noted however, that Clearview’s code of conduct dictates users must be “authorized by their employer.”
Is this a Case of Hacktivism?
This hack has generated some severe criticism and push-back from across the country. In response to the use of Clearview’s tech on University campuses, Evan Greer of digital rights advocacy group Fight for the Future said, “This is exactly why we’ve been calling for administrators to enact a ban … A security officer shouldn’t be able to use this to stalk students around campus.”
Nathan Freed Wessler, an ACLU staff attorney, succinctly said, “Government agents should not be running our faces against a shadily assembled database of billions of our photos in secret and with no safeguards against abuse.”
It seems as though this hack brought a lot of Clearview AI’s shady practices to light, and did so without compromising billions of people’s personal data. This raises the question, was this a case of hacktivism? If it was, it has certainly achieved the desired effect: exposing secrets and revealing truths in an effort to protect the public.