Microsoft praises facial recognition regulation progress

Brad Smith, the President of Microsoft, has praised steps taken in Washington State to regulate controversial facial recognition technologies, but the landscape still remains incredibly fragmented.

Such issues would rarely bother the consumer today, but the same could have been said about a Facebook personality quiz in 2015. Like the proverbial butterfly flapping its wings, small actions have the potential to blossom into chaos, and the implementation of facial recognition certainly fits into this category.

As it stands, the freedom in which facial recognition technologies are being experimented with, thanks to a lack of accurate regulation, is dangerous.

“Washington state’s new law breaks through what, at times, has been a polarizing debate,” Smith said in a blog post.

“When the new law comes into effect next year, Washingtonians will benefit from safeguards that ensure upfront testing, transparency and accountability for facial recognition, as well as specific measures to uphold fundamental civil liberties.”

Regulation applied retrospectively is a very difficult thing to do. In this case, as some police forces and intelligence services have been making use of the technology, they might resist any attempts to draw limitations. Regulating proactively to prevent abuse instead of trying to take away existing powers is a much more effective approach to take, removing the risk of concessions and compromises.

This is what Washington State has done, as Smith praises. Governor Jay Inslee has attempted to get ahead of the adoption curve before it progresses too aggressively.

Passed on March 12 by a 27 to 21 count, Senate Bill 6280 was signed into law by the Governor on March 31. This piece of legislation creates a framework to dictate how facial recognition technologies can be used by authorities but protects democratic freedoms and civil liberties. This is the accountability that it required for a pervasive technology which poses a significant threat to privacy and a significant opportunity for misuse.

What is worth noting is that while Washington State is claiming the praise here, there are others who have made very ambitious progress in this field already.

Washington State should of course be commended for this piece of legislation, but lawmakers in Illinois deserve the crown when it comes to forward looking law. Senators in the midwestern state have already passed the Biometric Information Privacy Act, which offers stringent protections to citizens by designating biometric data as valuable as a social security number. Companies and authorities would have to consult users and citizens before using the technology, rules which Facebook has fallen foul of as it faces another privacy lawsuit in the state.

Amazingly, the Illinois Biometric Information Privacy Act protecting citizens against the free-wielding and unvalidated implementation of facial recognition technologies was signed into law in 2008.

While Illinois set the standards in years gone, Washington is taking legislation of this technology to a new level. Under the new rules:

  • APIs or other technical capabilities will have to be made available to enable testing of the technologies by third parties to ensure there is no bias embedded in the algorithms
  • Vendors must also disclose any complaints or reports of bias regarding the service
  • A clear use and data management policy must be created and validated before any technologies can be implemented by authorities
  • Humans, not machines, must be responsible for the decision making associated with any component of the facial recognition technology
  • Mass surveillance has been ruled out. Implementation must be for a specific purpose, though there are exceptions to the mass surveillance case, (1) if a warrant allows it (2) finding a missing person or identifying a deceased individual (3) exigent circumstances
  • Surveillance cannot be applied to any individual’s exercise of First Amendment rights, and authorities cannot justify facial recognition based on a person’s ‘religious, political or social views or activities’
  • Finally, any implementations must be opened to public consultation

There are of course many more nuances and clauses written in suitably foreign legalese, though as you can see from the bullet points above, this is a very comprehensive law which should prevent the flamboyant implementation of facial recognition technologies.

Getting regulation in front of the rapidly developing technology industry is a thankless and often impossible task, meaning most legislation should be viewed as risk mitigation. These rules are promising, but there will certainly be loopholes exploited by the slippery lawyers of Silicon Valley. However, Washington State legislators should be applauded for their efforts to control a potentially divisive technology.

Given the complexities of the technology industry, it is slightly unfair to criticise lawmakers for not being able to protect us completely from the nefarious twists and turns of the digital economy. Few people in the world understand how the technology industry works today, and a radically smaller percentage can accurately forecast developments over the next decade. This is what we are asking of legislators.

Washington, Illinois and California are three who have made progress, but it is critical other states follow the lead. For evidence of why, simply have a look at the impact 2015’s ‘This Is Your Digital Life’ Facebook app has had on life years later.

US courts open the door for net neutrality fragmentation

A US Court of Appeal has seemingly put the final nail into the net neutrality coffin at a federal-level but has opened-up the option for state-specific rules.

It could be seen as somewhat of a mixed-ruling for the telcos, perhaps leading the US regulatory landscape towards the realms of fragmentation. It is a bit difficult to see whether this is a victory for industry or not.

The United States Court of Appeals for the District of Columbia Circuit was being asked to make a ruling on the decision from the Federal Communications Commission to undo net neutrality rules set in place by a previous administration in 2015. The Republican swaying FCC of 2018 voted 3-2 to remove the rules, which placed greater restrictions on the telcos, though this decision was challenged by various internet companies, local authorities and consumer advocacy groups.

The legal battle between the telco-supported FCC and those representing the OTT ecosystem has been raging for some time, though it was thought this ruling would kill-off the dispute.

“Today’s decision is a victory for consumers, broadband deployment, and the free and open Internet,” said FCC Chairman Ajit Pai. “The court affirmed the FCC’s decision to repeal 1930s utility-style regulation of the Internet imposed by the prior Administration.”

In 2015, a Democrat-majority FCC wrote net neutrality rules, placing the telcos under more utility-orientated regulation and limited the restrictions which could be placed on internet traffic for profit. In undoing these rules in the 2018 vote, Pai opened the door for telcos to offer premium services to content providers. In short, the telcos now have more freedoms to monetize the delivery of content and, subsequently, the consumer experience.

There are good arguments on both sides of the equation. The telcos should be entitled to monetize the assets which the OTTs have come to expect for nothing. That said, without net neutrality the major content players could effectively extinguish competition through throwing cash at better performance. Start-ups simply won’t be able to afford to be able to deliver the expected experience.

Strict net neutrality rules limit the opportunity for telcos to recover the vast sums spent on money. It is the internet industry biting the hand which feeds it. However, an absence of the rules favours the content giants and restricts potential competition or the ability of new disruptions to emerge.

The see-saw regulation which we have seen in recent years does not answer the question which is being asked.

“When the FCC rolled back net neutrality it was on the wrong side of the American people and the wrong side of history,” FCC Commissioner Jessica Rosenworcel.

“Today’s court decision shows that the agency also got it wrong on the law. The agency made a mess when it gave broadband providers the power to block websites, throttle services, and censor online content.”

On one side of the aisle you have a strict regulatory regime which probably goes too far and, on the other, you have a regulatory landscape which is perhaps too light-touch. That said, finding the middle-ground in today’s political climate never seems to be an achievable pursuit.

The issue which we potentially foresee is one of fragmentation.

“We uphold the 2018 Order, with two exceptions,” the ruling states. “First, the Court concludes that the Commission has not shown legal authority to issue its Pre-emption Directive, which would have barred states from imposing any rule or requirement that the Commission ‘repealed or decided to refrain from imposing’ in the Order or that is ‘more stringent’ than the Order.”

In California, the State Senate has passed its own version of net neutrality. A slightly different set of net neutrality rules have also been passed in Washington State. As you can see in the statement above, the courts have not ruled out the opportunity for the States to implement their own rules. This does not mean they are protected from legal challenges, though it does create a potential headache for the industry.

Any corporation which operates in multiple jurisdictions will crave consistency. Having to adhere to regional variances in regulation can prove to be difficult, especially when you are dealing with something as complex as the internet. There will of course be online services which traverse through different states. Being compliant with different regulatory circumstances could potentially be troublesome.

This nuance of the ruling could also test the legal strength and depth of the FCC.

Those States who argued against the FCC’s actions to repeal net neutrality rules include: New York, California, Connecticut, Delaware, Hawaii, Illinois, Kentucky, Maine, Maryland, New Jersey, Vermont and Virginia. If all of these states were to pass their own net neutrality regulation, the FCC would have to fight numerous legal battles simultaneously. It would have the support of the telcos of course, but it would have to face an army of reinforcements.

The Electronic Frontier Foundation, The American Council on Education, eBay, Twilio and The City of New York, as well as 27 other local authorities also supported the petitioners. It would be safe to assume numerous other content creators and distributors would also support net neutrality.

Some might have thought this ruling would have put an end to the prolonged net neutrality debate, however the curve ball thrown from the courts creates a very complicated regulatory tapestry moving forward.