Written by Tammy Lee
Illustrated by Amy Jiao
In today’s digital age, information is spread and shared across the world almost instantaneously. It has become increasingly challenging to protect our personal information, especially when most of us own a digital device that has a camera — it’s possible for apps, or even government agencies, to gain access to your smartphone and computer cameras without you noticing. Algorithms instantly run new personal information about you; the more information they go through, the better they can recognize you.
I remember being shocked when I saw how facial recognition technology was implemented in surveillance systems while running around the Xuhui district in China last summer. Near a large intersection, I noticed a huge mounted screen. When someone attempts to jaywalk, their face immediately appears onscreen with a red box tracking their face. Personal information including their name and date of birth will appear on the screen, alongside a warning that they have been identified as a jaywalker and will be fined. Aside from tracking individuals, this facial recognition tech can also be used in daily activities such as a credit card payment and unlocking your phone. As facial recognition improves, it puts our privacy at risk, which leads many technology users to ask: are there options out there for the personal privacy-conscious?
Recently, researchers led by Professor Parham Aarabi and masters’ degree candidate Avishek Bose from UofT’s Department of Electrical and Computer Engineering have created a ‘privacy filter’ using artificial intelligence. This ‘privacy filter’ introduces ‘adversarial attacks’ to disrupt facial detection technologies, resulting in specific yet subtle changes in the images generated. These small attacks are not only fast and robust but were able to fool the face detector to misrecognize nearly every image in the‘300 Faces In-the-Wild Challenge’ (300W) dataset. The detection AI and the disruptive AI can learn from each other, creating a feedback loop where both are constantly improving. Although the specific pixel changes are imperceptible to the human eye, it can efficiently fool facial detection algorithms. Eventually, this ‘privacy filter’ may be offered as a smartphone app just like Instagram and Snapchat filters, allowing users to engage with the web without fear of giving up personal data.