Very click-baity. Below the only part that actually relates to the title:
The announcement came as we began to board. Last month, I was at Detroit’s Metro Airport for a connecting flight to Southeast Asia. I listened as a Delta Air Lines staff member informed passengers that the boarding process would use facial recognition instead of passport scanners.
As a privacy-conscious person, I was uncomfortable boarding this way. I also knew I could opt out. Presumably, most of my fellow fliers did not: I didn't hear a single announcement alerting passengers how to avoid the face scanners.
To figure out how to do so, I had to leave the boarding line, speak with a Delta representative at their information desk, get back in line, then request a passport scan when it was my turn to board.
The rest of the article is a (not very novel) discussion about the risks and problems of facial recognition.
Going against implicit expectations of others and being the only one who does something is maybe the hardest thing humans can do.
Opting out could risk holding up the boarding process, possibly missing the flight, unpleasant treatment by security and being pitted against the other passengers - all of it to opt out of something is clearly a dark pattern.
All of this is very well understood by the people who designed this system.
Articles like that and some of the comments in this thread at least give me an idea what opting out would take.
Yes I asked if I could get a pat down instead of the backscatter x-ray at Heathrow. Was made to feel like a criminal, questioned etc and put under pressure. And then to be told I don't have to get scanned but I can't get on my flight unless I do. There wasn't even an opt out.
That goes completely counter to my experiences. From 2009 to 2017 I chose to "opt out" every time. Here's what happened for me each time:
1. They make you wait while they get someone to do the work.
2. They offer to take you somewhere private (I declined).
3. They tell you the routine ("I'm gonna go up your leg until I feel resistance").
4. They wipe their gloves and put them in a chemical detector.
5. They let you go.
Only once did I have to get an extra exam where they detected some chemical on me and had to do that whole wipe down + chemical test process on my carry-on. It wasn't a big deal.
In 2017 I finally got TSA Precheck. So I've very rarely had to go through this since then (flying w/ non-Precheck friend, flying at non-Precheck airport).
EDIT: My experience is from US only. I missed that the parent's description was from the UK.
I was able to opt out in Dublin at the secondary security point (where one clears immigration in Dublin for US-bound flights, so I think that particular scanner was operated at the direction of the US authorities).
I have not tried to opt out of a pure-EU/UK scanner, so your point is still valid. I suspect Toronto may work the same way.
If you're flying with a non-precheck friend and they're willing to let you book their flights and they pay you back, they'll benefit from you having precheck and their ticket will include precheck as well.
My coworker simply taps his heart and says he has a "device". (It's actually a stent, but he never gets asked any further questions and never has to go through a machine.)
Similar story, and I’m going to go ahead and assume that the reason you wouldn’t be able to board was due to the flight departing very soon.
I _always_ opt out of backscatter machines. I’m British so I’ve flown Heathrow and Gatwick and Luton (etc), normally the process is painless. I wait a fair while longer than others, sitting/standing publicly as people pass me by and it feels awkward, but not enough to stop me.
I have never been denied boarding for my choice. But I make sure I have time to be harassed. Just in case.
The pat down is very humane, they tell you what they will do and they use the back of their hands a fair bit.
Then they brush the glove and put the cloth they brushed with in a scanner, then you’re free to go.
However, I’ve been to a couple of airports that have... aggressive.. security. Heathrow was one, they made me feel so small, as if I was causing trouble, implying I was hiding something.
Eventually I told them that I worked on the backscatter x-rays, and claimed that while they were safe for normal use, they were not safe for use with the added radiation of flying and that the world would be defaming it in a decade as, I said it was this generations asbestos.
They stopped pestering me then, since that incident it’s been my go-to response.
It’s not true as far as I know, but, it /is/ an added dose of radiation right before you get some more radiation, so it’s not exactly a complete fabrication.
Now they’re using millimetre wave scanners which are less radioactive, but have other considerations like the activation of moles on skin, or their relative ineffectiveness of finding handguns in underwear (as per TSA reporting) or 54% false positive rate (as per Germany’s report)
I ‘opt out’ always. Had a terminal security person tell me it’s just air (what in the actual funk!?). Fruitless attempts to explain that claim was entirely incorrect I just gave up. Got the pat down and move alongit’s a pain but flying is terrible in general. Finally I enjoy making the inconveniences along the way.
Huh, I do it every time. Never behind a privacy screen. Never bothered me at all.
The only shitty part is when agents let your stuff go through the scanners but you’re stuck behind the machines. I’m always trying to crane my neck to make sure no one walks off with a laptop.
Usually the TSA agents are very nice. I ask them about their days, how things are, and then I’m on my way.
I like to exercise my rights just to make sure they keep being available, and there’s not much better to do inside the airport anyways.
The sad thing is that even if you're not in the machine, the machine can still scan you -- as long as you're within a certain distance of it.
When the machines first started being used there was some expose on them where pics from the machine were leaked, and you could clearly see that even people waiting in line within about 10 feet of the machine or so were scanned, and you can clearly see their bodies appear in the images, just as you can those who were in the machine itself.
Now, being scanned outside of the machine probably doesn't give them as good an image as outside of the machine, and they won't get an image of both sides of your body, but nevertheless your body will be covered to some extent with radiation from the machine.
I've always opted out of the machines at the airport, and they've always made me wait in a chair within 10 feet or so of the machine. So I know I'm getting some radiation dose from it, but really don't know what to do about it.
Tell the TSA agents that they need to tell their doctors to aggressively screen for cancer. Standing next to these things for 40 hours a week for months has NOT been proven safe.
Hopefully, the cost of supporting this useless security theater will make it infeasible eventually.
The TSA got rid of all the backscatter x-ray machines, so the body scanners aren't using ionizing radiation anymore. This was the biggest health concern with the old devices, and I was really glad to see those gone.
The newer scanners use millimeter wave RF, which is non-ionizing and much safer. The primary concern with RF is classic thermal effects, which shouldn't be significant at low power levels.
There's still plenty of room for research on the topic, but no direct causal link to any health effects have been found with these systems at present.
(That said, the TSA agents are also standing next to the baggage x-ray machines all day. And I do still see backscatter x-ray body scanners in use in other countries.)
Fortunately and unfortunately, I nearly always travel with one or more young kids, which means I can't realistically do stuff like this that'll delay things (they have small bladders, little patience, and are curious). However, they usually have me go through the metal detector instead of the backscatter machine, so I tend to avoid that part of it.
Before our last trip, I read about the facial ID thing, and I was worried because my passport was expired (we were traveling domestic). Fortunately, it seems neither of the airports we went through were implementing it yet, so I'll have time to renew before it's a thing.
I just wish we can all come to our senses and realize that the TSA doesn't really make us safer and that it just makes everyone mad. Unfortunately, people just seem to put up with it.
> I just wish we can all come to our senses and realize that the TSA doesn't really make us safer and that it just makes everyone mad. Unfortunately, people just seem to put up with it.
Because people don't feel like they can make any real impact, and for those who can (our representatives), it's political suicide. The TSA is a giant waste of money but turning the front line of security back to airports would extremely easy to attack as weak on crime, inviting in terrorists, etc. (But who knows, maybe the sight of the TSA line makes terrorists give up in frustration because they're too busy to wait an hour or more just to hijack a plane.)
The TSA was implemented during the Bush era "economic stimulus" drama.
It was never about security, it was only ever about job creation. 9/11 was a convenient excuse to put lots of underqualified/underskilled people to work overnight.
For a politician to go against that now, they get doubly fucked on both the "made America less safe" and "got rid of thousands of jobs" fronts.
Are there regular studies examining broader public opinion on this? I have to assume that at some point it is going to shift, and suddenly scaling back (or privatizing) airport screening will be a no-brainer.
The problem is that it only takes some passive support to establish the system initially, but removing it takes the majority of people actively complaining.
> Because people don't feel like they can make any real impact
I'd say this generalization applies to a lot of topics that we're having with democracy. That people don't feel that it's democratic. I think there's this weird feeling where most believe we're both in a democracy and autocracy (which may not be untrue, but the less we try to fix it with democracy the harder we'll leave to autocracy)
> I just wish we can all come to our senses and realize that the TSA doesn't really make us safer and that it just makes everyone mad. Unfortunately, people just seem to put up with it.
Indeed. What makes us safer are 2 things:
1. Secured cockpit doors
2. Passengers
Now, if someone tried doing something bad/unsafe/terrorist, everybody would jump them, and stop them from doing the thing. That's how shoe-guy was stopped. The passengers about killed him.
It used to be the chokepoint was departure. Now the TSA shoves a chokepoint to "terrorize" at the lines in front the scanners. And wherever you move the scanners creates yet another chokepoint. I'm surprised someone of ill intent hasn't done something at the lines of people.
But in the end, there's little we can do. Ideally our politicians should reconsider their roles, but thats 'reducing security yadda yadda', and political suicide.
On #2, I think people may forget that prior to 9/11, the idea was to let the hijacker go where they wanted, as the passengers usually ended up safe due to cooperation. Even on the day of 9/11 itself, once passengers realized cooperating was going to get them killed, then fighting back gave them a higher chance of survival.
The 2016 Brussels bombing did involve explosives in the check-in area of the airport.
We are cut from the same cloth as I do exactly the same for the exact same reasons. I've 'trained' many a new TSA agent only because I assume it doesn't happen much. I would say half the time I opt out I am used to train a new agent.
I am stuck doing this for medical reasons, and it is certainly one of the most degrading experiences I have ever had the displeasure of enduring. It's very possible he's stuck doing it for similar reasons. Most machines in America aren't backscatter, but I still can't use them.
It's also a crapshoot - you may have an aggressive officer, or a friendly one. I've been patted down twice for absolutely no reason; not a second screening, the guy just went over me two times.
I keep wondering why we have chosen to sacrifice freedom for some small measure of security. More importantly, I don't really believe airport security stops much - it's security theater.
It's a jobs program which humiliates innocent Americans and treats those who have committed no crime as common criminals without any warrant or probable cause. It's a violation of individual sovereignty without reason. Jobs are good, but the ends do not justify the means.
X-ray data isn't as identifying as facial recognition. And quite honestly, you're so concerned about this, you've already lost the war since everywhere you walk, you're bound to be caught by a camera.
> I'm always sad when I'm the only one opting for a patdown at the airport after Defcon.
I made the decision that I was okay handing over personal information one time to get TSA Pre if it meant I could skip the naked scanners, not have to take off my shoes, avoid patdowns etc.
Generally when I'm coming back from Defcon I have a whole lot of stuff with me that I'd really rather avoid having someone take a closer look at.
I still strongly respect people that take a stronger stance than I.
Probably that's because I didn't travel to USA yet, but I don't understand why it's sad. Why the hell would you opt for a patdown? What must be the default then?
They're already gathering facial recognition biometrics, and I wouldn't be surprised if they've been doing gait analysis biometric identifiers (it's established tech). Adding heart rate would give them three separate identifiers that can be used to identify anyone in a crowd with practically complete confidence.
In the UK these are banned, and you can only use millimetre wave scanners with software interpretation, meaning agents can't see the raw (naked) images of you, just the software-identified anomalies layered on top of a stick figure drawing.
The fact a stranger gets to look at me naked is undignified - like if someone was hiding spy cameras in gym showers, or walking up to people in public and pulling down their trousers.
From a Defcon angle, it's also an information security risk; even large government bodies have fallen victim to cryptolockers, so it's not like the government-grade IT security keeping the photos secure is impenetrable.
The 'reassurance' that I'm too ugly and unimportant for anyone to take particular interest in does nothing to restore this dignity :)
> In the United States, the FAA Modernization and Reform Act of 2012 required that all full-body scanners operated in airports by the Transportation Security Administration use "Automated Target Recognition" software, which replaces the picture of a nude body with the cartoon-like representation.[3] As a result of this law, all backscatter X-ray machines formerly in use by the Transportation Security Administration were removed from airports by May 2013, since the agency said the vendor (Rapiscan) did not meet their contractual deadline to implement the software.[4]
Yep. I refused the backscatter scanner when they first came out because of radiation and nude scans, but now that they've changed that I think it's fine.
That's the reason why there are more recent devices that hide the nudity and only show abstract figures with suspicious body areas highlighted.
But the airport visitors has no way of knowing what generation the software is, i.e. whether they are visible in the nude or not. Also, the unmodified images by still be stored on the device - who knows?
Would Obama, Trump, and their wives be happy to have their scans available for public viewing? If it's obvious they wouldn't, it should be obvious it's an invasion of privacy.
For me, I'm already iffy about the whole thing when it's just me but the thought of putting my kids in one of these things makes me... very unhappy, in a bunch of different ways at once. But so does a stranger feeling them up. I'm not sure how/whether I'll ever be able to fly with them.
Some posters are claiming the screens don't show the raw images anymore, but what happens to those scans? Betting they don't discard them. Ever.
Revenge porn is terrible, but I don't think that's relevant here. Can you think of a plausible scenario where a backscatter machine's data could be used against someone? They didn't save your face; I don't know what someone would look at. And that's if the machines actually saved any data, which was not supposed to happen.
I created fake nudes in high school about 20 years ago... It's always been on the table for an artist to fake them, the only difference in that and deep nudes are that a computer does them. Why is it just now bothering people? Because of the buzz word of deepnude?
In addition to the fact that a computer can create a photograph that is exceedingly realistic with exceedingly little effort, releasing nude photographs of anyone without their consent—fake or not—is a terrible thing to do to another person.
Your youth makes your actions forgivable, but not acceptable.
non-ionizing means mostly harmless, but there is no guarantee. Proteins come in lots of shapes and sizes, and non-ionizing radiation can still resonate.
A "dark pattern" tricks people into doing something they normally wouldn't do. In this case, to board your flight you may verify your identity in one of two ways:
1. Present your passport
2. Use the Facial Recognition software
They are tricking people into using option 2 by not informing them of option 1.
Just like Disney World - they scan your finger print upon entry to the park. When you ask to opt out, they're like "Well you're going to need to step out of line over here and give my manager some information.."
Assuming you're not being facetious, the optional "have your facial scan data uploaded to dubious parties" choice is not presented as optional, and implied consent is the default for all fliers.
This would be similar to an "opt-out" instead of "opt-in" checkbox on a "let us harvest your data" disclaimer, except that the checkbox is at 0% opacity so you don't know it's there.
Not to mention that you usually don't know about it until you get there, so you don't have time to look up anything about it to see whether you can avoid it. I read about it after buying my last ticket and learned about the passport thing, but that was because I'm interested in what the TSA does and follow security and privacy blogs.
Agreed about the clickbaity title, but what they were trying to imply is still true. Here's an example of Jake Williams attempting to opt-out of Delta facial scanning and immediately being scrutinized for it:
https://twitter.com/MalwareJake/status/1144789516684877824
He says there that the US is one of the few countries which doesn't do exit checks for immigration.
Is that true? I hadn't thought about this.
I know the Schengen zone does, as well as China and much of Latin America, but in my experience the UK doesn't. Does Australia/New Zealand/Canada (my feeling is that Australia doesn't)? What about Asian and African countries?
I had to go through a Border Force checkpoint[0] with facial recognition and a fingerprint scanner on the way out of Tullamarine last year. There may or may not have been a way to opt out.
Oh, it's "not very novel"? So it's completely unimportant then. That Western so-called civilization is sliding into a totalitarian dystopia while proclaiming it is protecting "freedom" is not an interesting topic of discussion, because... it has been discussed before!
they have a copy of a static image that they likely already have access to. very different to a high res alternate image, from a different angle, with a different expression, in different lighting
It's only static if they aren't using AI to analyze the tons of images they have of you from security cameras etc. Google Photos can learn and search for faces of a person based on one confirmed face a person. I'm sure Facebook can as well. There's no reason to believe the Government or TSA is or isn't doing this.
The ePassport gates in at the UK border both scan your passport and take a picture to confirm that it is indeed you.
Since they already had my picture in the database from the passport I did not consider this an invasion of my privacy, and (for now) they are opt-in instead of opt-out.
It would make sense if that were true, but they already have his face. All he's really opting out of is them matching the one in their database when he's standing there. Maybe there's some value in that, but I agree the real value is not giving them your face to begin with and it's too late for that by the time you get to the gate... they've already got it.
What makes these interesting is they're getting stereoscopic imaging with multiple camera angles of video. That can potentially be used for some invasive tracking.
The distinction is nonsensical to me from a privacy standpoint. Your passport includes a picture of your face, anyone scanning your passport looks at that picture and your face to verify the passport is "you". I'm sure whatever is recorded by either process is essentially the same: a person with your face was in a particular place at a particular time.
requiring opting out is a huge barrier as shown in behavioural economics and definitely makes it "not easy" especially if no one else is seen to be doing it
One is by legible criteria: how long does it take & such.
The other way is: how likely people are to do it. That's how a UI design would be measured. How many more people sign up if I remove the "age" field from a form. How many fewer people become organ donate if you need to register online vs tick (or untick) a box on your lisence form?
The first way is how a regulator or judge would see it. The second is often the one that matters to how things develop practically. Eg how gdpr-ish consent actually affects realities of user control over their data.
A common pattern is to concede the first, and rely on the second to make it irrelevant. Opt out is available, but the "UI" design ensures that it's rare.
> I didn't hear a single announcement alerting passengers how to avoid the face scanners.
> To figure out how to do so, I had to leave the boarding line, speak with a Delta representative at their information desk, get back in line, then request a passport scan when it was my turn to board.
While I agree that it's made as easy as possible to go with the flow, and communicated less clearly than I'd like that you can avoid it, I think that this (the article's presentation, not your post) is disingenuous. I flew from DTW to SYX about 6 months ago, and saw signs (though no announcements) clearly indicating that you could opt out. I simply told the boarding agent when I came to the front of the line that I wanted to opt out; there was no need to leave the line.
(In the interest of full disclosure, I don't know for sure that this works, because they were trying to speed up very delayed boarding and had given up on the facial scanning anyway, so they just waved me past without appearing even to notice that I asked.)
I don't see anything click baity. It was, indeed, not easy to opt out. And this is for someone that knew they could.
"
To figure out how to do so, I had to leave the boarding line, speak with a Delta representative at their information desk, get back in line, then request a passport scan when it was my turn to board"
That is a process that is not easily discoverable. And the "opt out" isn't announced as an something that even exists.
I wish you would summarize every article on HN because as one of the only articles I read this week (since as you mentioned it really was click-baity), my interpretation was pretty much the same.
Summed up my thoughts on this right here. Reading the article it doesn’t exactly detail what the headline explains and, as you said, selves into the ethical debate surrounding its use. Sigh.
I've recently traveled outside Australia and used the facial recognition "smart" system. It was completely non-obvious that we could opt-out - it was only implied by the text.
After going through security, I asked an official if I could've opted out. They said yes, and said I could flag someone down.
When I returned, I tried to do so - but there was no-one around! Its an automated system, and almost impossible to opt out of.
Airport security is full of dark patterns when it comes to privacy.
What airport is this? At Adelaide airport arrivals I always choose to go through the manual processing queue, i.e. the one non-Australian citizens have to use. Half the time it's faster than the smart-gate system queue, and even if it's not an extra 10 minutes after 26hrs + of traveling isn't going to kill me.
As for departures, it wasn't obvious to me - like with you - that I could opt-out. I'll give it a shot next time and see what happens. Am expecting some annoyed and suspicious glances! :)
I use the ‘smart’ gates at Melbourne regularly. You insert your passport, stand in front of a camera, and one assumes that your current photograph is compared to that of your passport. If they’re the same, you pass.
I fail to see the privacy implications. I’m already giving someone my passport details – I must do that to enter or exit the country. That passport already contains my photograph. What privacy am I losing by having my photograph taken at the airport?
I say this as a very privacy-conscious individual. I block ads, don’t use Facebook, etc. I fail to see the further loss of privacy in this case, over and above the mandatory scanning of my passport.
This may be true but the end game for governments is to have facial recognition everywhere. They start at the airport because "it doesn't matter, you are already giving your info out" and then we become OK with the idea so they start rolling it out for public transport and "it doesn't matter, you already do this every time you fly"
It seems to me that the only way to resist is to take a very hard rejection of facial recognition entirely in any situation.
> It seems to me that the only way to resist is to take a very hard rejection of facial recognition entirely in any situation.
Realistically the only way to resist is to develop an informed, engaged populace. There's a huge gulf between "facial recognition for crossing international borders" and "facial recognition for getting on the subway" - the former is obviously beneficial and the latter is obviously a massive overreach.
The idea that one will inevitably follow the other is only really plausible because of the public's apathy, and it leads to situations where we throw the baby out with the bathwater.
I would argue against the first being obviously beneficial. The downsides of having such a system in place in my opinion outweighs any current or foreseeable benefit. One step further, I have yet to hear of a scenario where facial recognition would be a positive application. In my opinion the complete rejection is the right approach when it comes to facial recognition. Being able to automatically identify a person without them noticing or being able to prevent the identification in the future is in its very core dystopian. Its an application to end privacy, no different to the old scifi idea of getting a remotely readable identification chip implanted at birth. With the difference of the hypothetical chance to remove your scifi chip surgically. With facial identification the only realistic option is plastic surgery. We were lucky for a while that the technology wasnt ready yet, but it is getting more and more practical to utilize.
Its unfortunate that the idea of privacy is in such a downhill spiral, but the much more daunting question is, if privacy can so easily be abandoned, how will other stuff, like freedom of thought be treated in the future? What happens if technological development of surveillance could catch up some day? We are currently living in a society where no matter how horrific the methods, there are some who will find justifications to utilize them on other people. If the charges are heinous enough, human rights go out of the window. You only have to think of torture and look as far as Guantanamo. Differently put, in a society that preserves samples of eradicated plagues for possible future military uses and has no quarrels of threatening to torture the kids of enemy combatants, the research into and work on offensive capabilities with disastrous capabilities, like I would argue facial recognition is, is morally reprehensible.
I believe "facial recognition for crossing an international border" is an obvious benefit because, look, the world is not all sunshine and daisies and it's important that we're able to validate that a person going from one country to another is who they say they are.
You seem to be operating under the core assumption that because we as a society allow facial recognition in that situation it will inevitably expand to others, and that's exactly the point I was trying to make in the first place. If an educated and well-informed populace says "no, we will not allow this technology to be used outside of these specific circumstances" and then enforces that position at the ballot box, there won't be a problem. Unfortunately most people just don't care, and no amount of technological backtracking will fix that.
In other words, don't worry about the tech; worry about the people that make the tech matter.
I understand your point about the responsibility of a democracy but I do worry about the tech, I would also be alarmed if someone developed a biological weapon to extinct humanity, even if the usage was controlled by a democratic mechanism. Just dont develop such dangerous technologies with no positive use case. Dangerous being the combination of efficiency and scale-ability.
The argument also assumes that we will continue have democratic systems and the population not voting for such systems to be implemented. The reality is what ever means and information we currently entrust to governments later versions will also have access to. Not to mention the export of these technologies to "friendly" dictatorships. Its the old problem of census data in the Netherlands. They had extremely detailed census data involving peoples religious beliefs before the Nazis invaded and with the data available the persecution of Jews was extremely efficient. The resistance targeted the locations of these datasets but it didnt work good enough.
I also dont see how international borders need anything more then fingerprints. They are also far more accurate and reliable. Facial recognition has the only added benefit of being usable without the effected people noticing. Thats not a positive characteristic.
To come back to the central argument, we do already have other means of identifying people and facial recognition only differs in a few core issues from existing mechanics. The core characteristics of facial recognition are
* No need for a cooperative, consenting subject
* Not alerting the subject being identified and no protection against being identified without noticing
* Unchangeable identification characteristic
We already have reliable easy to use systems for characteristic 1 and 3, fingerprints, and I see how there might be a need for such systems at specific locations. For example at a police station or border checkpoints.
Then we have facial recognition which is a lot less accurate and its only additional benefit is point 2. Point 2 however has no positive use cases, its a purely totalitarian instrument aimed at its scale-ability. For not only being used in specific places but everywhere. You cant even make the argument which makes nuclear weapons a worthwhile technology to have, the possible usage for war against a foreign aggressor. Facial recognition is only beneficial to keep a population suppressed.
>There's a huge gulf between "facial recognition for crossing international borders" and "facial recognition for getting on the subway" - the former is obviously beneficial and the latter is obviously a massive overreach.
The same was said about the TSA searching people boarding aircraft, but then that moved to people in train stations, greyhound stations etc. being searched. Overreach is commonplace.
Passport scanners at the airports are highly regulated. Facial recognition is not.
This is the airline collecting your biometrics — a completely different entity from the border control that usually checks your passport.
You insert your passport and that should be it. Border control has already checked your identity. Afterwards, your photo was taken by the airline in order to "verify you".
Granted, airlines could get your photograph in a myriad of ways, but this system makes it as convenient for them as it can get.
You're talking about different things here. The Australian "smart" gates mentioned by the previous poster are border control, and they work by validating a picture your face against the picture in your passport.
YMMV, but I actually find using the smart gates much less invasive than dealing with human immigration officers. The gates do exactly one thing and that's that, whereas with officials there's always an uncomfortable "guilty until proven innocent" feeling (where are you going? where are you coming from?) coupled with the knowledge that borders are largely civil rights free zones, even for citizens.
The bio-metric data is not discarded but collected somewhere in a database, it could be abused in a few years or it could be leaked and now hackers have it,
I think it would be fair if the system would scan your passport , scan you, confirm the identity but not store your biometric data.
>Is saving a few minutes worth handing over your most sensitive biometric information?
The problem is that you've already handed this biometric information over; say, when you get a passport. There is no "opt-out" for that context. This is also why RealId was so vehemently opposed[0].
At the end of the day, they're getting your data - one way or another and there is no opt-out for that.
So, to make an appeal on the argument of privacy of data is being woefully ignorant of the fact that this encroachment has been happening for years and it didn't seem to matter very much then.
“Until we have evidence that facial recognition is accurate and reliable—as opposed to simply convenient—travelers should avoid the technology where they can.”
No, no, no! The possibility that this technology may occasionally be wrong pales in comparison to the world we’re marching toward. By far the biggest risk facing society is that having your every move tracked by governments will soon be next to impossible.
Also just imagine what our world will look like as facial recognition data slowly leaks out into the hands of non governments (or they find ways to collect it.) It isn’t hard to imagine a world where everyone knows everyone else’s whereabouts at all times. Facial recognition feels like the biggest looming step toward a dystopian world.
The fact that they throw out the possibility of this technology occasionally being wrong sidesteps the real risks in favor of something that’s just easier to explain.
This is a very confusing comment. You seem to disagree with the premise of the article, but then go on to agree with it, but also make a bizarre statement about the impossibility of governments being able to track you?
I was at London's Gatwick Airport last week, where facial recognition was being trialed at the boarding gate for my flight.
On the way, multiple, large signs announced the trial.
At the gate itself, there was a prominent notice addressing travelers' privacy (and other) concerns - several paragraphs of large text. It was clearly mentioned that, for people who were reluctant to use the new technology, there would be attendants available to process them in the usual way.
I was quite impressed. However, the trial was cancelled, and the machines still retained their plastic wrapping. Oh well.
How does the facial recognition system work? I'm thinking that biometric passports contain the necessary data and that the airline has already got then by scanning the passport at some point so that it quick and easy to use facial recognition at boarding time.
If so, it's pointless to request to opt out while boarding, really.
In any case, there is no anonymity in air travel (this is really more about anonymity than privacy). You are identified and tracked from the moment you buy your ticket until you leave the airport.
Facial recognition is a new technology that people need to adapt and be confident with. It will take some time then no-one will pay attention anymore.
The point this article misses entirely is that the Facial recognition system is now at the gate which is ostensibly Delta’s territory.
It isn’t US Boarder Control running the facial control system, its Delta, Southwest, or anyone else, which has implications about the privacy of the biometric data, that up until this point hasn’t been collected by Airlines, only Boarder entities.
That said, in order to boot strap this system, Delta et., al. would have had to either;
1. Build their own database of biometric and facial data that they believe was reliable (unlikely)
2. Get a full and continually updated copy from CBP (Probably noisy)
3. Use an API made available by CBP that acts as a Biometric/Facial oracle.
I’ve heard rumblings that it’s 3, but I can’t cite anything to back that claim up, so grains of salt.
My understanding is that biometric data are contained in your passport, which is already scanned by airlines when you check in and/or board planes.
Here they are using this information to automatically check that it is in fact you instead of having a staff member look at you and check against your passport's photo.
I’m not certain of the particular setup here (per airport thing) but I’ve never had them scan my passport at the gate in a US Airport, only at Immigration checkpoints for international travel and TSA.
This is especially true for domestic travel as well.
For international flights, they traditionally scan your passport at the check-in counter.
As a US citizen, this is mostly just to validate any visa requirements for the country you're traveling to.
However, for non citizens, this data gets sent to CBP to create an exit record. I believe the concern is that between the check-in counter and the flight, you could trade places with someone to effectively overstay a visa without CBP's computer systems noticing (since you'd have a valid exit record)... hence the push for facial recognition at the gate.
At Immigration: Scanned, no, Photographed, yes. (So depending on your definition)
At TSA, They scan the first page of passport (or local ID) and usually Full body scan. So in the strict sense of facially scanned no.
At the gate (until now), neither. They would scan the boarding pass and eyeball the passport if international.
Again the point here is that in the first two instances these are Government agencies doing the scanning. At the third, the Government no longer has anything to do with it.
The question with this stuff is how and where are Airlines (private companies) getting a database of biometric data and what are they doing with it?
They submit the data to the CBP database and get a result back. It will help to validate exit reporting and ensure that the right people are being reported as leaving the country on their I-94s
Yes I suspect this, but the consumer has no way of verifying this.
Similarly it also means that the airlines have access to a Face Oracle and can build their own database with confidence based on that result.
> Delta’s territory
This feels like the opposite of the GDPR stories from a few months ago. Instead of all the "It's coming" hype and opt in agreements, the company just gets the info without a fuss...
I think most are looking at this backwards. This system is most likely the reCaptcha of facial recognition. The same way Google already knows you're not a robot, and they just use you to improve their image recognition algos. The facial recognition at the airport is one of the few ways to get multiple pictures of people while knowing with near 100% certainty the face matches the name. The system is building out their data set. Running facial recognition in other scenarios (e.g. security footage after a crime) off a single passport photo is hard. Running facial recognition off of a data set with many different photos is much better.
So, what you're saying is... there's no problem because people have already given up anyway? At the very least opting out gives them a data point that their theatric procedures aren't readily accepted by everybody.
>Internal flight could be anonymous, but when is the last time anyone paid for flights by cash?
Let me tell you about flying before 1996, kid. It was great. No ID presented, you just needed a paper ticket. You could actually buy and sell paper tickets on usenet (and people did), and you could wave to your family when you get on the airplane as you didn't need a ticket to be in the boarding area. I thought it was a disaster when they started implementing the dystopia we have today, and remember premonitions of disaster listening to some douchbag I brought to the airport babbling about the government "keeping us safe."
Every one of your posts to HN has included a personal attack. That's not allowed here, so we've banned the account.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're at https://news.ycombinator.com/newsguidelines.html.
I guess animals often grow to enjoy their cages; had a pal who kinda freaked out when he got out of the pokey too.
Oh yeah: no body cavity searches getting past the gate, we had legroom, free food on the plane, free baggage, and they didn't blare CNN in the airports like some Orwell dystopia, or ads for the airline on the airplane telescreen. The planes were better too; 747 was super common and comfy (now you need to fly the Luftwaffe or British Airways, and the seats aint what they used to be), and if you were loaded, you could take the Concorde across the pond for a price which seems comically cheap these days.
Is it comically cheap if you don't consider inflation?
Because while air travel has undoubtedly gotten less comfortable, in most (if not all?) cases it's also gotten cheaper. With every passing decade air travel because accessible to broader and broader swaths of the economic pyramid. Now it's at the point where the cost of the taxi to a London airport can cost more than the airfare of whatever budget airline flight I'd be on.
I am [not really] too young to have flown on the Concorde, but a Googling of "Concorde flight cost" suggested between $6000 and $12000 round trip for NYC-LON flights. That doesn't strike me as cheap.
Air travel definetely got cheaper. As as a software engineer (with a bit for search hacking) I can now afford flying across globe (26 hrs) in business (which used to be first) twice a year.
Sounds like your issues are related to flying in the states? If you're problem with flying today includes cavity searches and being able to hike up prices by trading tickets then you're probably right, best if you don't fly and we'll all be the better off for it.
What are you talking about with the concorde flights!? They were a lot more expensive than they are today let alone the prices of a normal carrier flight at the time. When was the last time you flew?
Maybe we'll get to McLuhan's global electronic village after all.
Having come from a rural area, in a village it is just like in Cheers - "Everybody knows your name". They also know a lot about you, your family, friends and enemies. Much of what they know is true, but some of it is wrong (gossip).
Privacy and anonymity is of recent origin, starting with industrial development and large cities. It's a "security by obscurity" strategy for the more powerless segments of society. Powerful people are in the Social Register.
A bit weak of an article. I absolutely hate how facial rec is going to be the norm in a lot of things outside security.
1. The infamous they, already have a picture of your face. Your id/passport. It's kind of too late to be anonymous when boarding a plane, for multiple reasons.
2. One agency has it, thus its easy for them to share it with others. HA! You, have never dealt with fed agencies. You want to meet the grownup versions of those toddlers that never learned to share their toys? Any fed agency. Doesn't matter how important the info is and how timely, "it's our data, our jurisdiction, we'll handle it".
Just two points that stood out to me.
Again, I agree that privacy now seems like a dream we had in the distant past due to tech companies and the results of a post-911 world. But this article is the equivalent to complaining how much sugar is in cake while eating said cake.
Wait, are you seriously insinuating that it's okay for the government to do this?
Airline security worked fine before 9/11, and it hasn't measurably improved with all of the bull crap the TSA is now doing. From what I can tell, we haven't been attacked in the same way because:
- passengers are more vigilant
- terrorist attacks are hard to plan and execute as it is
- airlines installed locking doors for the cockpit
All of the rest of the stuff the TSA does is overreach. It's not equivalent to complaining how much sugar is in cake while eating cake, it's closer to only being offered sugary cake while in prison without being told there's a healthier option available.
Did I say it was acceptable? Did I use those words? Did I not say that I do not like where its going? At the same time, can I blame anyone for going security overboard when multiple buildings are destroyed by kamikaze hijacked airplanes? A first responder from that just recently died. So yea, still a bit of a sore wound for people. This isn't like talking about Rome getting sacked. Some of us still remember when the towers stood.
Passengers are vigilant. Ha! The one thing your average civilian is not is vigilant. The internet is rife with bad folks doing bad things in crowds. And most people do nothing.
Plus, look up the millennium plot. The news doesn't make a stink when things go well. Lots of people have been stopped at airports and even before being able to start. You only hear about the failures, because it makes for better news.
Fact is, pandora's box was opened. We are in a new age where people get their fame from doing big, nasty things. The Rolling Stone put the Boston bomber's face on the cover for fuck's sake. Where rock star faces have been. I like that on imgur, some people bucked that trend by periodically showing the faces and sharing the stories of those that fought back. But guess what, someone has to actively protect too. Yea, lots of issues with the TSA. They knee jerked hard towards some super fucked up practices those first few years. You think traveling with a really slavic last name was fun? I was always randomly put in the special search line. Three times I got backroom questioned over my recent travels. I still show up 3 hours early to fly out of habit.
But I also chose to roadtrip more often instead. Which was more fun anyways.
Maybe if the public could actually police themselves and evil was eradicated, then we can do away with security in general. Until then, it's a response to a problem where no one is offering a better one other than hugs and unicorns that fart rainbows.
Peripherally related. I needed a new passport, and applied online for one. The online application kept rejecting my photo which I had taken by a pharmacy specifically approved for taking passport photos. It said that my eyes were too shaded or had too much shadow. I tried everything with levels and contrast.
I gave up and started messing with the application software. I cut the eyes out a different photo in the Mac Preview.app application. I lined up the eyes and thought they looked pretty good, then uploaded the photo.
The application doesn't give a pass/fail, it just submits and its off.
I have traveled quite extensively on this passport, including going to some countries that are pretty uptight about security. I'm sure I behave like a drug dealer going through security.
> Will we only wake up once we no longer have the choice to opt out?
yes :/
Many commenters say that your data / picture is in the system already, which is fine, but your passport photo can be 10 - 15 years old and these systems record how you look now. That's the question if you are comfortable providing it.
What you can't do anything about is CCTV and I think it's a safe bet that they are already equipped with facial recognition and other ML tracking technologies. It's just a question of which database you can avoid being registered in.
Gatwick airport had a ton of facial recognition cameras last time I was there.
They had a ring of leds around the lens that lights up in a rotating pattern, it really is difficult not to look directly into the lens due to that.
I am usually opting-out of body scanners (in the EU its still optional). But at some airports the security people seem to not know that it's optional.
By now I always carry a letter from the federal police (responsible for border + airport security) explaining that it's optional.
At Berlins airports they usually ask for a reason why I opt-out of body scanners, which is ridiculous, as one needs no reason to NOT do something that's legally optional to do.
Recently traveled internationally. I cannot agree with the claims of this clickbaity article. In the security line there were numerous signs telling passengers they could opt out of having their photo taken.
As I approached the kiosk, I mentioned that I preferred to not have my photo taken, and was nearly cut off by the lady asking for my passport.
I'd argue that getting my passport scanned was quicker than waiting for the machine go take your picture.
At Rome's FCO airport there is a facial recognition passport control for flights outside of the EU. Last time I left the EU, my aging passport's chip refused to work and a person made me retry 5 times before letting me go to the human passport control.
It must be said that the non-European, non-biometric passport control can easily take 30 minutes longer.
I have to say that I've never thought about this in terms of databases, I somewhat assumed that they were only matching against the local copy in my passport, but maybe someone can elucidate for me on how this works on EU passports.
Definitely possible if standards are defined, but that is not the problem. The real one is that we now have a security industry that needs to apply tech to dangers that in reality don't really exist in the first place or are so minuscule that you need sales people to market these. The security hysteria of the last decade is laughable, if it didn't cost us that much...
I seriously avoid flights. They already have my data a thousand times but I am just sick of these perverse boarding processes. Wasn't good for the environment anyway.
>...to dangers that in reality don't really exist in the first place or are so minuscule that you need sales people to market these. The security hysteria of the last decade is laughable, if it didn't cost us that much...
I don't believe that this is true.
For example, the world wasn't a "safer" place to be in between 7 Dec 1941 and 11 Sep 2001, just as it's not a "safer" place now. The danger was ever-present, as the Munich Massacre (1972) clearly demonstrated (and the entire world witnessed).
Instead, what's happened is the ongoing implication that your safety is paramount and any concessions to privacy are an ultimately necessary byproduct to keep you safe from that "new" danger; however, it wasn't a "necessary evil" for the preceeding six (seven, including the oughts?)decades and the danger - certainly - ins't new, right?
I see the issue with false positive, but I don't get the privacy argument here. Scanning your face vs your passport is not any different from privacy perspective.
Imagine this:
"Years from now, the party/person in power goes completely nuts, and starts rounding people up in train cars to ship off to a final solution facility... would you prefer to try to sneak out of the country when: A. only your passport/papers identify you, or B. your face can be recognized from any video camera in the country..."
Just a few weeks ago there was a thread on this site discussing how IBM census taking machines made it all possible to identify the undesirables. Now it's trivial.
Airports hve got to be 100% covered with cameras that CBP could easily get access to—why is taking a single still photo—to be matched to the passport photo they already have—such a big deal?
>Research shows that it is particularly unreliable for gender and racial minorities: one study, for example, found a 99 percent accuracy rate for white men, while the error rate for women who have darker skin reached up to 35 percent. This suggests that, for women and people of color, facial recognition could actually cause an increase in the likelihood to be unfairly targeted for additional screening measures.
So this should also be a very good reason to reject this tech for this use. Darker skinned people and women get misclassified even more, and subject to further interrogation.
I may be a white guy (works 99/100)... But I can't just defend my own rights, or all of our rights degrade.
I would like to opt-out as well, but it seems it actually was quite easy. All she had to do was say that she wants the passport to be scanned. Good to know.
Of all of the problematic uses of facial recognition, this isn't one. You are already in a context where your identification must be verified. Who cares if they establish that identity with a precanned passport image? It isn't like there is any new data available here.
Airport is about the only places that I have no problem with being Facial Recognition as long as the data is correctly handled because it contributes to the safety of so many parties.
What is your limit? What about handing over all your social accounts? fingerprints, DNA , it seems that gradually if a thing can be done it will be done. 2
Can you wear a mask while they do the passport scan? They need know how you look like so they can match the picture with the passport... using a computer or a human.
That is fine if it would be the same, but your biometric data is stored in a database, I would be fine with scan the passport , scan the person, check if it matches, if all is fine delete the biometric data and not put it in a database.
If there is a good reason to keep this data in a database let me know.
The passport is in your hand, you place it on the table where it can be scanned and compared with your face. If they have your face in the database can you travel without a physical passport?
So you could just use a fake passport? Yeah to tell you the truth, I'm not sure why a passport is required... Just like driver licenses and tag registrations, they have all the information on their computers.
Why do you think so? If a human can detect a fake passport why a computer scanner can't detect it?
It even makes sense to do it like this:
1 the passport includes a picture of you but it could include a hash of your biometric face
2 you go at the checkpoint, put the passport in a scanner and your face is also photographed by a camera, the sash is generated and compared, then the hash is deleted, the airport people just care that the passport is real(they can check serial codes or chips if present in the passport, check the other security areas of the passport) and the person using the passport is the one in the passport.
Airports or air transport companies should not be in bussiness of collecting bio-metric data. If NSA or the government of a country wants to create such a database they should propose a law for it, when you get or renew your ID card,passport then you would be added to the national database because such is the law not because you are forced to chose between getting in the plane faster or some unpleasant alternative way/
The announcement came as we began to board. Last month, I was at Detroit’s Metro Airport for a connecting flight to Southeast Asia. I listened as a Delta Air Lines staff member informed passengers that the boarding process would use facial recognition instead of passport scanners.
As a privacy-conscious person, I was uncomfortable boarding this way. I also knew I could opt out. Presumably, most of my fellow fliers did not: I didn't hear a single announcement alerting passengers how to avoid the face scanners.
To figure out how to do so, I had to leave the boarding line, speak with a Delta representative at their information desk, get back in line, then request a passport scan when it was my turn to board.
The rest of the article is a (not very novel) discussion about the risks and problems of facial recognition.