Here Are 2 Tools to Prevent Facial Recognition AI From Using Your Selfie

0

Ever wondered what happens to a selfie you upload on a social media site? Activists and researchers have long warned about data privacy and said that photographs uploaded on the Internet may be used to train artificial intelligence (AI) powered facial recognition tools. These AI-enabled tools (such as Clearview, AWS Rekognition, Microsoft Azure, and Face++) could in turn be used by governments or other institutions to track people and even draw conclusions such as the subject’s religious or political preferences. Researchers have come up with ways to dupe or spoof these AI tools from being able to recognise or even detect a selfie, using adversarial attacks – or a way to alter input data that causes a deep-learning model to make mistakes.

Two of these methods were presented last week at the International Conference of Learning Representations (ICLR), a leading AI conference that was held virtually. According to a report by MIT Technology Review, most of these new tools to dupe facial recognition software make tiny changes to an image that are not visible to the human eye but can confuse an AI, forcing the software to make a mistake in clearly identifying the person or the object in the image, or, even stopping it from realising the image is a selfie.

Emily Wenger, from the University of Chicago, has developed one of these ‘image cloaking’ tools, called Fawkes, with her colleagues. The other, called LowKey, is developed by Valeriia Cherepanova and her colleagues at the University of Maryland.

Loading...

Fawkes adds pixel-level disturbances to the images that stop facial recognition systems from identifying the persons in them but it leaves the image unchanged to humans. In an experiment with a small data set of 50 images, Fawkes was found to be 100 percent effective against commercial facial recognition systems. Fawkes can be downloaded for Windows and Mac, and its method was detailed in a paper titled ‘Protecting Personal Privacy Against Unauthorized Deep Learning Models’.

However, the authors note Fawkes can’t mislead existing systems that have already trained on your unprotected images. LowKey, which expands on Wenger’s system by minutely altering images to an extent that they can fool pretrained commercial AI models, preventing it from recognising the person in the image. LowKey, detailed in a paper titled ‘Leveraging Adversarial Attacks to Protect Social Media Users From Facial Recognition’, is available for use online.

Yet another method, detailed in a paper titled ‘Unlearnable Examples: Making Personal Data Unexploitable’ by Daniel Ma and other researchers at the Deakin University in Australia, takes such ‘data poisoning’ one step further, introducing changes to images that force an AI model to discard it during training, preventing evaluation post training.

Loading...

Wenger notes that Fawkes was briefly unable to trick Microsoft Azure, saying, “It suddenly somehow became robust to cloaked images that we had generated… We don’t know what happened.” She said it was now a race against the AI, with Fawkes later updated to be able to spoof Azure again. “This is another cat-and-mouse arms race,” she added.

The report also quoted Wenger saying that while regulation against such AI tools will help maintain privacy, there will always be a “disconnect” between what is legally acceptable and what people want, and that spoofing methods like Fawkes can help “fill that gap”. She says her motivation to develop this tool was simple: to give people “some power” that they didn’t already have.

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook

Loading...

We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Loading...

Read original article here

Denial of responsibility! TechiLive.in is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – admin@techilive.in. The content will be deleted within 24 hours.

Leave a comment