PETALING JAYA: Facial recognition technology is the all-seeing eye. There is no escape once its net is cast.
While businesses love it for its ability to identify and profile customers, the ordinary person is defenceless against attempts to mine information about him.
Cybersecurity expert Fong Choong Fook says facial recognition technology is a double-edged sword.
“On the one hand, it helps law enforcers snare criminals. But if it falls into the wrong hands, innocent civilians become the prey,” said Fong, who is founder and chief executive officer of cybersecurity services provider LGMS.
Facial recognition technology is gaining ground in Malaysia as it has in the rest of the world. Recently, Malaysia Airports Bhd announced that the technology will be deployed at the KL International Airport this year to enable passengers to board flights without having to produce a boarding pass at the gate.
Many businesses are already using it to speed up transactions securely. However, some are also using it to profile customers, and that is the crux of the problem.
In several provinces and cities in China, there is already a backlash against the use of the technology. Local governments are considering policies to prevent overuse of the technology, to protect personal data.
The misuse of facial recognition technology was one of the issues highlighted at China’s Consumer Protection Gala event in March. With 200 million CCTV cameras across the country, the Chinese are likely the most scrutinised people in the world.
Facial recognition through biometric authentication is reportedly more difficult to hack but for some, there is no comfort.
Experts say it boils down to consent. Fong pointed out that the use of the technology in the private sector without the subjects’ consent is a problem.
“If a company wants to collect our biometric data, it should get our permission first,” he said.
“The organisation must also demonstrate its ability to preserve and protect the personal information collected.”
Universiti Sains Malaysia security expert Prof Dr Selvakumar Manickam said facial recognition technology is already being used widely on a daily basis.
“Selfies and photos uploaded on social media such as Facebook are analysed but this is not considered intrusive because users have already agreed to the terms and conditions.”
But now, it is being integrated with data collected by CCTV cameras, as seen on Penang Island. The police are also studying a proposal to expand its use nationwide, he said.
Selvakumar added that there is no legislation yet to govern how much data can be collected, how long it can be stored, and what can be done with it.
“Existing laws on personal and consumer data must be bolstered to address these new and advanced cyber threats.”
Criminologist Shankar Durairaja said extensive use of the technology by private companies can be an intrusion of privacy, given that they can use the data for commercial purposes.
The main dangers include the ability to enable the automated and indiscriminate “live” surveillance of people, the violation to people’s right to privacy, the effect on our democratic political culture, inaccuracy, the denying of the right to consent as well as the fact that it could be easily misused.
“Although the government can utilise such technologies for the safety and security of the country and its people, greater awareness is needed on its impact on civil rights and liberties,” Shankar said.
“People tend to act differently when they know they are being watched and this affects freedom of speech and expression. Thus, it can be said that we do not have any rights to privacy in a public space.”
“The technology offers protection at the cost of violation of privacy. We just have to find a balance between the benefits and the drawbacks.”