3 Concerns of Facial Recognition and Privacy

In the last few weeks, three very interesting articles were published specifically around the use of facial recognition technology. In fact, all three articles address what seems to the central concern around AI-based facial recognition:

  • How should these databases be created?
  • Who should be able to access the technology?
  • How can regulators limit the possible abuse of organizations using the technology?

These new articles are critically important as biometric privacy policies (e.g. facial recognition) is not standardized across the US. For example, the Washing Privacy Act (WPA) has very strict standards around facial recognition while CCPA is a little more relaxed. 

Here are 3 recent articles highlighting different views on facial recognition:

Illinois Class-Action Lawsuit Over Facial Recognition Privacy:

New York has long been a state the empowers the use of technology and the freedom to build exciting companies. Recently one of those companies, Clearview AI is receiving some negative press specifically in the state of Illinois. The Clearview AI technology allows law enforcement agencies to act on real-time facial recognition technology. While this technology has been adopted by other law enforcement agencies across the globe citizens in Illinois feel it is violating their civil rights.

In a recent ZDNET article found here states that Clearview AI was scraping social media outlets and illegally capturing people’s photos. The citizens in the lawsuit are suggesting the process of scaping the photos violates biometric privacy.

It is really interesting about this process is how Illinois is using a class-action method to sue Clearview AI. And how a company not based in NY is still required to meet the privacy standards of another state. This trend will certainly continue until we have a national standard for privacy. Until we will have problems similar to the EU and London noted below.

London Police Using Facial Recognition:

In London police announce they are looking to use enhanced facial recognition technology to improve public safety by identifying criminals in real-time. In fact, the London police department is planning on rolling out the same company Clearview AI mentioned above in the new class-action suit.

A recent article from The New York Times found here highlights several countries and various security forces all finding success with the new technology including Clearview AI and NEC. However, opponents are quick to highlight the inaccuracy of the new technology the basis including gender and race. 

The most interesting part of this article is the police do seem to be as transparent as possible about using this technology. And from the tone of the article, it seems like they will be moving forward with it. However, the rest of the EU may not be in agreement.

EU Considers 5 year Ban on Facial Recognition:

The EU recently released a statement on possibly placing a 5-year ban on facial recognition technologies while the governing body determines how to effectively reduce police officially possibly abusing the technology. A recent article from the BBC can be found here

Regulators’ primary concern is police using surveillance videos to automatically scan the public via automated facial recognition technology. Some are concerned the technology is intrusive and inaccurate.

The best part of this story is the regulators are spending the time to learn the best way to use technology which ensuring public safety via the police department.

In summary, legal bodies need to be in alignment with new technology companies and law enforcement organizations. The real challenge is to know when to use technology to protect the public while ensuring the public is being protected while not abusing the technology. Only time will tell how the marriage of law, justice, and technology will all be aligned. 

Learn More at www.rivn.com

Data Privacy Day – 3 Data Privacy Facts

Data Privacy Day is here! Why is this day so exciting?  Companies are finally realizing the power of privacy can have several benefits including the following:

  • Building brand trust
  • Driving a positive ROI
  • Staying ahead of the global privacy trend.

Because of these key factors, companies large and small are making privacy a major focus in 2020. Companies are implementing new policies, procedures, and technologies to ensure compliance and to stay competitive in this global market.

Here are 3 points on why everyone should celebrate Data Privacy Day:

Privacy Drives Transparency and Increases Brand Loyalty:

Consumers are now realizing the true power of having their data collected by companies across the globe. Wise consumers are now deciding to interact with brands that offer transparency when it comes to customer data. And the ones that offer exceptional experiences by leveraging that same information.

A recent Salesforce report found here suggests that 76% of consumers expect companies to understand their needs and provide a custom experience. That only happens when consumers are willing to share their data with these companies. In fact, according to the same report, 92% of consumers are more likely to trust these companies when they are transparent about the purpose of capturing data.

In short, the companies that are transparent about capturing data will reap the benefit of brand trust if they use that data responsibility and offer a personalized experience.

Data Privacy Drives ROI:

Some companies fall into the trap that privacy is only a cost center. These same companies see new regulations as just another hoop to jump through instead of an opportunity to improve systems, increase customer satisfaction and in turn increase ROI.

Cisco recently published a new data privacy report focusing on hard ROI numbers which can be found here. What is really interesting about this report is for the first time it puts a hard ROI number around privacy accountability. The reporting found on average companies will realize a $2.70 in brand benefit for every $1 spent on privacy and that numbers goes up for larger organizations. The benefits can be found in top-line revenue, increase brand trust, a reduction in data breaches and a reduction in sales cycles just to name a few areas.

Again, this report highlights a real ROI based on thousands of responses when companies make privacy a priority in their organization.

Data Privacy is Growing Across the Globe:

For years the web has been a bit of the wild west in terms of companies collect data consumers and then buying and selling that data everywhere. Now across the globe legal bodies trying to develop laws that encourage business but protect consumer rights.

As you can see in the map below from the World Federation of Advertising new regulations are being rolled out in every part of the world. That means companies can not simply hide and operate in a business as usual mentality. They are all now required to ensure the policy standards meet these global regulations. 

The key takeaway here is no matter what industry you are in or where you are located having strong privacy accountable is the wave of the future and the time to get right is now.

Source: https://wfanet.org/knowledge/item/2020/01/14/WFA-Global-Privacy-Map

In summary, celebrating privacy is important, because it will shape how business gets done in the future and is a reflection on our society. We all need to embrace privacy and trust and next year we will have a bigger celebration!

Resources:

Salesforce State of the Consumer Report: https://www.salesforce.com/blog/2019/04/customer-loyalty-data-privacy-trust.html

Cisco Privacy Report: https://www.cisco.com/c/dam/en/us/products/collateral/security/2020-data-privacy-cybersecurity-series-jan-2020.pdf

World Federation of Advertisers:

https://wfanet.org/knowledge/item/2020/01/14/WFA-Global-Privacy-Map

RIVN:

www.rivn.com

Consumer Rights under the California Consumer Privacy Act (CCPA)

It can be argued the General Data Protection Regulation (GDPR) put the idea of consumer rights on the map regarding privacy. The California Consumer Protection Act (CCPA) which passed in 2018 went into effect on January 1, 2020. It is one of the lastest laws in a string of new privacy regulations that are sweeping the globe. To learn more about CCPA please see a recent article from RIVN that offers some great details here.

For this article, we focus on the rights that are protected under CCPA. But, the really interesting part about these rights is new privacy acts that are popping up in Nebraska, Florida, Washington and are all following this same playbook. Therefore, it is critically important for companies to establish a process to ensure their consumers have the availability to exercises these rights and more important to be able to react to them when necessary.

CCPA

Here are the rights that will be enforced by CCPA.

  • The right to delete personal information held by businesses and by extension, a business’s service provider;
  • The right to know what personal information is collected, used, shared or sold, both as to the categories and specific pieces of personal information;
  • The right to opt-out of the sale of personal information. Consumers are able to direct a business that sells personal information to stop selling that information. Children under the age of 16 must provide opt-in consent, with a parent or guardian consenting for children under 13.
  • The right to non-discrimination in terms of price or service when a consumer exercises a privacy right under CCPA.

As noted in the first bullet point above consumer deletion requests will continue to be a key part of almost all new privacy regulations. For digital marketers, finance, IT professionals and legal teams the greatest hurdle may be consent management and the “Right to Erasure/Deletion” itself. 

Contemporary organizations are searching for a module-based solution such as RIVN to step up to meet this need with an easy to use SaaS-based single function that allows brands worldwide to meet business needs and be ready for what is next.

To learn more about regulations mentioned above please see the following links below:

Insights on Google Sandbox from RIVN

Google a subsidiary of Alphabet is one of the greatest company success stories of all time. While the company has diversified into various sectors including self-driving cars, maps, televisions just to name a few. Its advertising business has always been to the financial bloodline of the company.

Google recently announced the concept of a Privacy Sandbox which they would manage. Ad Exchanger recently covered this announcement and the full article can be found here (https://adexchanger.com/privacy/whats-in-googles-privacy-sandbox-nothing-for-now/). The major tag line is Google is planning to phase out 3rd party cookies by 2022. Which puts billions of marketing dollars potentially at risk. At a high level, the Privacy Sandbox would be a collection of web browser-based API versus the cookie code snippets we have today. 

So, here are a few insights:

Google is the major player in digital spend

Google is a major play in the digital spend market. In fact, based on a recent report the company almost controls 40% of the digital ad spending of the marketing by themselves as noted below. With such a controlled hand on the marketing place already it begs the question could Google be creating a monopoly?

Source: https://marketingland.com/almost-70-of-digital-ad-spending-going-to-google-facebook-amazon-says-analyst-firm-262565

Can privacy lead to a monopoly

Google is standing firm that is is not trying to restrict competition rather create a level platform that allows for developers across the globe to participate in the creation of the sandbox and support the creation of the browser API’s.  Which can be found SandBox Github.

Google Sandbox

So, it does seem that Google is making an effort to ensure that across the board fingerprinting is removed and privacy access is equal. But will the fox be able to watch the hen house?  Only time will tell.

Measurement Doomed?

One key area outside of digital advertising they everyone is also concerned about is how will conversion and other traditional tracking be measured. Right now Google is focused on testing and says it has already completed a few tests with clients calling the Google API to receive a specific value to determine conversion event, rather than relying on cookies. It will be interesting to see how historical reporting could be affecting by this completely new methodology.

In summary, it is very early still in this process but a universal standard for tracking and regulatory requirements will help move this initiative or any other forward. We need our legal bodies to act to create a framework that allows for commerce but still protects user privacy. But, everyone can agree, privacy regulations and standards will be shaping how businesses operate in this new decade.

CCPA Recognition of PII and IP Address

The California Consumer Protection Act (CCPA) which passed in 2018 went into effect on January 1, 2020.  The law is one of the lastest in a string of new privacy regulations that are sweeping the globe. To learn more about CCPA please see a recent article from RIVN that offers some great details here.

For this article, we wanted to focus on the evolution of what is considered Personal Identifiable Information (PII). In particular for CCPA highlighting that even data such as IP address is considered PII.

Understanding CCPA including PII and IP address

Understanding CCPA including PII and IP address

Below is a quick list of data points considered PII under CCPA:

  • IP address
  • Email address
  • Online handle
  • Biometric information
  • Geolocation data
  • Browsing and search history

Most people do not realize that lots of organizations us IP address for marketing and geo-targeting.  An IP address a unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network. Which basically means anyone that accesses the internet. Here is an example of an IP address 216.3.128.12.

So while companies are starting to feel comfortable in the ability to allow customers to access or request their data based on an identifier such as email address. Companies that fall under the CCPA and similar laws also need to be ready to handle data that was traditionally considered anonymous such as IP address.

It will be critical for companies to define exactly what data they are collecting on their visitors. More importantly, they must have a process in place to manage that data including deletion. That is when RIVN comes into play.

Contemporary organizations are searching for a module-based solution such as RIVN to step up to meet this need with an easy to use SaaS-based single function that allows brands worldwide to meet business needs and be ready for what is next.

To learn more about regulations mentioned above please see the following links below: