Opinion | Once it’s out on the internet, there’s no pulling it back4 min read . Updated: 02 Mar 2020, 09:12 PM IST
It’s advisable to count till 20 before putting anything online that one may come to regret at some point
In most manners-conscious families, children are made aware of a rule of verbal communication. Stated simply, it runs something like this: “Once it’s out there, there’s no pulling it back."
This is a crucial rule and more adults should be advised to pay heed to it, even if they have missed this training during their upbringing. This is especially patent in a status-oriented society such as India, where people with some power have unfortunately sustained their teenage tantrum-throwing ways with subordinates and peers long into adulthood.
This rule is also crucial on the internet. Everything you have ever said or done is out there on some server, and you can be sure that an assiduous search will reveal it. You cannot cover your tracks. To compound this, the internet creates a false impression of anonymity and users thus often let down their guard and say things they never would if they were with other people.
Recently, I wrote that facial recognition technology in China has been stymied by the masks its citizens are wearing to escape Covid-19. The technology is now near ubiquitous in China, and, while masks may slow it down, the technology will work itself around even this obstruction in a short while.
Meanwhile, the rest of the world has been wringing its hands in the garb of “user privacy" and trying to veer towards granting individuals more rights over what is done with their online data. Some US cities have blocked the use of facial recognition technology by their law enforcement departments. However, all of this is too little, too late. Once a technology has taken hold and you have used it on the internet, you are out there and exposed, and you will never get it back.
Australian Hoan Ton-That is the boss of a small company called Clearview AI, which has devised a new facial recognition tool that allows you to take a photograph of a person, upload it, and then use a bot which matches that photo with public photos of the person across a variety of platforms. This is made possible by Clearview AI’s backbone data set of more than 3 billion photos it has scraped from millions of websites. The only technological feat here is automating a manual process.
You may turn off location information on your apps, but you can be sure your phone company knows where you are. In May 2018, The New York Times reported that a company named Securus had sold law-enforcement agencies access to locations of people’s mobile phones. The agencies were supposed to provide a warrant or other documentation to prove they had authority to see the data, but The New York Times said Securus often did not check the documentation.
The big four telecom carriers in the US (AT&T, Verizon, Sprint, and T-Mobile) all promised to stop selling location data to data aggregators. However, many months later, an investigation revealed that the practice had not been stopped altogether. In retaliation, now, almost two years later, the Federal Communication Commission (FCC) of the US has proposed slapping fines of almost $200 million on erring carriers. “The FCC has long had clear rules on the books requiring all phone companies to protect their customers’ personal information," said FCC chair Ajit Pai (no relation of mine).
The carriers are likely to appeal the decision by pointing out that they did indeed build enough reasonable safeguards against the sale of that information, but to do so simply serves to underscore my point further. No matter how reasonable the safeguards and how high the fines, once your information is out there, there’s no getting it back.
This is also true of back-ups from mobile phones. Late last month, Mint ran a newsfeed from Reuters that reported Apple Inc. had dropped plans to let iPhone users fully encrypt backups of their devices in the company’s iCloud service after the Federal Bureau of Investigation (FBI) of the US said the move would harm investigations. Internet commentators have mused that the move was not forced by the FBI and was a suo motu move on Apple’s part.
A user’s iPhone is lockable by a unique code that is known only to the user and can be set to turn off its fingerprint or facial recognition features and rely solely on the passcode. This can stop another person from getting access to the actual device. By contrast, back-ups uploaded from the device can be searched in secret on iCloud. Had Apple elected to introduce an encryption service, no one, not even Apple, could have accessed the iCloud back-up without the user expressly sharing his or her passcode.
This move is extremely puzzling, especially as Apple prides itself on privacy, and, at least at the device level, users have full control and can ensure everything they do is encrypted. In stark contrast to Apple’s decision, its fierce competitor in the mobile arena, Google, has recently allowed Android users on its latest version the ability to fully encrypt their back-ups on Google’s cloud service. Surely, Google must have faced the same pressure from the FBI that Apple reportedly did.
Facial recognition and encryption are simply matters of fitting the right mathematical algorithms to solve a pattern recognition puzzle. Even if companies such as Clearview AI were to go out of business, you can be sure your information is out there and retrievable. The advice of your parents to count till 10 before you throw a tantrum should be doubled for anything you do on the web.
Siddharth Pai is founder of Siana Capital, a venture fund management company focused on tech.