In the span of a few weeks, the COVID-19 pandemic has reshaped how the world works, forcing millions of workers into home offices and putting unforeseen burdens on technologies such as video conferencing platforms, VPNs and cloud services.
In this new world, some technologies are already starting to thrive. Zoom, for instance, has taken off as the go-to video conferencing solution for business communications (despite some worries over its encryption). This new paradigm is also opening doors to the deployment of an even more powerful cutting-edge technology: Facial recognition.
While still in its infancy, business and government agencies are increasingly turning to facial recognition technology at a time when social distancing is the norm; newer biometrics, such as fingerprint scans, are considered impractical at the moment, since a person needs to touch a screen in order to verify his or her identity (possibly spreading COVID-19 as a result).
In early March, reports surfaced the New York City Police Department stopped the use of fingerprint biometrics as a security protocol to enter its buildings due to concerns of spreading disease.
These and other concerns are driving wider adoption of facial recognition. In China, where the outbreak first appeared in January, Hanwang Technology is preparing to deploy facial recognition technology that works even when people wear masks, according to Reuters. Unsurprisingly, one of the company’s biggest customers is China’s Ministry of Public Security.
Even before the COVID-19 outbreak, facial recognition technology was beginning to blend into daily life. A recent lawsuit filed by the ACLU against the U.S. Department of Homeland Security (DHS) details how the government wants to deploy facial recognition in more airports and across the border as an enhanced security measure.
Even with controversy over privacy and security, facial recognition is picking up steam during this unprecedented time. “There is, of course, a space for facial recognition systems and their potential use, especially during the COVID-19 pandemic, is clear in becoming an alternative to fingerprint and other biometric technologies that rely on touch based sensors,” said Steve Durbin, the managing director of the Information Security Forum, a London-based non-profit organization that focuses on information security and risk management.
Better Ways to Train Your Algorithm
In many ways, facial recognition technology is pushing the current boundaries of machine learning, as developers are looking for better ways to train their algorithms to not only make the process more accurate but to eliminate biases.
In December, before the current crisis of the COVID-19 pandemic, the National Institute of Standards and Technology (NIST) started a program that attempts to eliminate some of the biases found in facial recognition technology as well as other biometrics.
NIST released three biometric databases, which contain fingerprints, facial photographs and iris scans, that anyone can access to help train machine-learning algorithms to create better applications for facial recognition or other types of identity and access management (IAM) systems.
One reason NIST released these datasets is to address issues in a study the agency conducted at about the same time, which looked at nearly 190 software algorithms from 99 developers and found bias in how the applications worked, including a high rate of false positives.
Whether building your own applications or adopting the technology of others for a project or company initiative, it’s important to remember that facial recognition is still in its infancy despite the benefits, said Rui Lopes, engineering and technical support director at security firm Panda Security.
“Facial recognition, in connection with body-temperature technology, has proven to be very helpful in various countries, helping to prevent the spread of COVID-19 and to identify those who may be sick,” Lopes told Dice. “Great care must be taken by any organization that adopts facial recognition at this time, and should disclose their data-collecting practices.”
Facial Recognition and Legal Concerns
As with any new technology, lawmakers are also eager to put their stamp on it, which means new sets of legal requirements that need to be considered before applications can roll out into public use.
On March 31, Washington State Gov. Jay Inslee signed what is considered the country’s first law that regulates facial recognition software. The bill had support from one of the state’s biggest employers (Microsoft) which offers its own facial recognition software through its Azure platform.
Over the last several months, Congress has also held hearings concerning the use of facial recognition as well as other biometrics, as a way to improve identity and access management at a time when older methods aren’t keeping up with newer business demands and security needs.
“It’s important to understand the legal implications and potential repercussions to an individual’s privacy,” said Matt Gayford, principal consultant at the Crypsis Group, an incident response, risk management and digital forensics firm based in Virginia.
Gayford notes that other states and cities are considering how to regulate facial recognition technology to balance out its benefits. That could affect privacy. And whether it’s developers, security teams or a company’s legal team, following the changes are critical to how facial recognition can practically develop over the next several years.
“Many of these locations have different ideas about what is acceptable and what should be prevented,” Gayford said. “The House Oversight Committee has been planning a hearing to discuss the use of facial recognition technology but has already experienced delays and stated that legislation won’t happen any time soon. In such an emerging market, it’s critical to stay informed and to read the fine print, even in the face of crisis.”