I would like to preface this article with a disclaimer: I am not now, nor have I ever been, nor am I likely to ever be a lawyer. I haven’t even played one on TV so, take what I say with a grain of salt with regards to the legal matters. That said, I am writing from the perspective of what should be rather than what necessarily is.
There is a disturbing trend in technology, wherein companies are claiming ownership of information that is in the “public domain.” Or at least, they are incorporating the information gleaned from these so-called public sources into databases wherein they are used for commercial purposes now and archived for potential new uses at some future date. This revelation is not groundbreaking; we’ve known this has been going on for a while now. However, information that is impossible to avoid being put into the “public domain” is being used without your permission and there is not a single thing—aside from pulling a Henry David Thoreau and becoming one with nature (i.e. entirely off the grid)—you can do about it.
The technology on my mind at this moment is facial recognition. The information gleaned from platforms such as Twitter, Facebook, LinkedIn, etc. is often what is considered part of this public domain. Clearview AI (Clearview) is a New York-based startup that has allegedly compiled a database of more than 3 billion(!) images containing people’s faces. Where did they get these images to populate their database? Why, social media of course! The CEO of Clearview, Hoan Ton-That, maintains that they are only pulling these images from the public domain (Llenas, 2020). However, it has been noted that this includes photos from private accounts (O’Sullivan, 2020). This raises two questions in my mind: what defines “public domain”? and how is it possible to prevent your image from winding up in this public domain?
The literal definition from Dictionary.com is: “the status of a literary work or an invention whose copyright or patent has expired or that never had such protection.” The definition from Merriam-Webster is: “the realm embracing property rights that belong to the community at large, are unprotected by copyright or patent, and are subject to appropriation by anyone.” Hmm, neither of these seems to me to quite match what Ton-That’s company has been doing. Moreover, common sense tells you that your likeness posted on a private social media account, to which only your connected friends have access, does not qualify as “public domain.” It is common knowledge that by creating a work, such as taking a photo, the copyright of a photo is that of the photographer, irrespective of whether it is explicitly stated on said photo. Additionally, a person inherently owns their own likeness. Therefore, at least in my estimation, an image meeting these criteria is in fact, not in the public domain and therefore written consent should be required.
Let’s say, hypothetically, however, that your image is posted on a public website and is indeed in the public domain. That should be fair game, should it not? Indeed, that appears to be the view of the Chicago Police Department a spokesperson of which stated, “the message here is that the information gained from Clearview was at one point placed in the public domain” (O’Sullivan, 2020). That’s kind of a scary Orwellian view, don’t you think? Just because something may have been placed in the public domain, that does not imply consent for the image, your likeness, to be used by anyone for any reason. The image may not have even been consented to by all parties in the photo at the time of creation. Moreover, just because it wound up in the public domain at some point in time cannot be inferred to be “fair game.”
For example, an extended family relative took a picture of my children, tagged their names, and uploaded it to the relative’s Facebook account, without first asking for permission from either my wife or me. We were not comfortable with this and we told the relative as much and requested its removal. The relative complied, however, once it was posted, Pandora’s box was opened and that photo is in various databases for all time. There was no consent from our children, nor from us, their parents. This is just one of hundreds of scenarios to which most of us are subject on a daily basis.
It is estimated that your image will be recorded around 60-100 times per day just going about your daily business.[1] For example, overhead cameras recording your movements into pretty much any store, your neighbor’s security cameras and video doorbells, dashcams, office security cameras, traffic cameras, or one of the most disturbing, using the cashier-less checkout at one particular big box hardware store wherein a close up of your face is recorded—that’s just creepy. In fact, it is almost impossible to not have your image recorded if you leave the house. Most people need to leave the house to work, shop, etc. so this is not really an option. As far as the law is concerned, the moment you walk out of your door there is no expectation of privacy (Cornell Law School, n.d.) Therefore, there is literally no way to opt out of having your image recorded, and possibly making its way to the public domain. Terrifying.
Prohibiting companies from taking this information and using it for commercial purposes is a start, but enforcement must be widespread and consistent. In the European Union they have adopted a regulation called General Data Protection Regulation (GDPR). Among many different common-sense protections for citizens is a provision that defines a person’s “right to be forgotten.” This requires all companies subject to the GDPR regulation to comply with the erasure of all information gathered on a person who is a citizen of the European Union, at the request of said individual. (European Commission, 2016) While not perfect, and still subject to constituent country’s laws, it is a critical first step in trying to reclaim a little privacy back. Last year we Yanks saw our first state law to enact such protections for our citizens—the California Consumer Privacy Act (California Attorney General, 2018). Now is the time for other states to take similar action to choose citizens’ rights over corporate interests.
References
California Attorney General. (2018). State of California Department of Justice. Retrieved from California Consumer Privacy Act (CCPA): https://oag.ca.gov/privacy/ccpa
Cornell Law School. (n.d.). Legal Information Institute. Retrieved from Expectation of Privacy: https://www.law.cornell.edu/wex/expectation_of_privacy
Dictionary.com. (n.d.). Dictionary.com. Retrieved from Public domain: https://www.dictionary.com/browse/public-domain?s=t
European Commission. (2016). European Commission. Official Journal of the European Union, Regulation 679. Retrieved from Data protection: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/my-rights/can-i-ask-company-delete-my-personal-data_en
Llenas, B. (2020, 2 14). New facial recognition app promises to solve crimes but critics say it means end of privacy. Retrieved from https://www.foxnews.com/us/new-facial-recognition-app-promises-to-solve-crimes-critics-say-its-the-end-of-privacy
Mirriam-Webster. (n.d.). Mirriam-Webster.com. Retrieved from Public domain: https://www.merriam-webster.com/dictionary/public%20domain
O’Sullivan, D. (2020, February 10). This man says he’s stockpiling billions of our photos. Retrieved from CNN Business: https://www.cnn.com/2020/02/10/tech/clearview-ai-ceo-hoan-ton-that/index.html
[1] I could not find any authoritative sources for this in my research. However, given the prevalence of cameras in stores, places of employment, traffic lights, etc. this figure seems to be well in range of probable. Moreover, this is consistent with figures I have heard for years in the industry.