Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy

PimEyes 'Made a Public Rolodex of Our Faces'. Should You Opt Out? (msn.com) 16

The free face-image search engine PimEyes "scans through billions of images from the internet and finds matches of your photo that could have appeared in a church bulletin or a wedding photographer's website," -us/news/technology/they-made-a-public-rolodex-of-our-faces-here-s-how-i-tried-to-get-out/ar-AA1tlpPuwrites a Washington Post columnist.

So to find and delete themselves from "the PimEyes searchable Rolodex of faces," they "recently handed over a selfie and a digital copy of my driver's license to a company I don't trust." PimEyes says it empowers people to find their online images and try to get unwanted ones taken down. But PimEyes face searches are largely open to anyone with either good or malicious intent. People have used PimEyes to identify participants in the Jan. 6, 2021, attack on the Capitol, and creeps have used it to publicize strangers' personal information from just their image.

The company offers an opt-out form to remove your face from PimEyes searches. I did it and resented spending time and providing even more personal information to remove myself from the PimEyes repository, which we didn't consent to be part of in the first place. The increasing ease of potentially identifying your name, work history, children's school, home address and other sensitive information from one photo shows the absurdity of America's largely unrestrained data-harvesting economy.

While PimEyes' CEO said they don't keep the information you provide to opt-out, "you give PimEyes at least one photo of yourself plus a digital copy of a passport or ID with personal details obscured..." according to the article. (PimEyes' confirmation email "said I might need to repeat the opt-out with more photos...") Some digital privacy experts said it's worth opting out of PimEyes, even if it's imperfect, and that PimEyes probably legitimately needs a personal photo and proof of identity for the process. Others found it "absurd" to provide more information to PimEyes... or they weren't sure opting out was the best choice... Experts said the fundamental problem is how much information is harvested and accessible without your knowledge or consent from your phone, home speakers, your car and information-organizing middlemen like PimEyes and data brokers.

Nathan Freed Wessler, an American Civil Liberties Union attorney focused on privacy litigation, said laws need to change the assumption that companies can collect almost anything about you or your face unless you go through endless opt-outs. "These systems are scary and abusive," he said. "If they're going to exist, they should be based on an opt-in system."

PimEyes 'Made a Public Rolodex of Our Faces'. Should You Opt Out?

Comments Filter:
  • [I] resented spending time and providing even more personal information to remove myself from the PimEyes repository, which we didn't consent to be part of in the first place

    Not only does PimEyes rape your privacy, they also rape your free time and ability to choose how your own image (as in 'self') is (ab)used.

    • by cusco ( 717999 )

      Seems like a waste of time, you'd have to spend all day every day opting out of thousands of other orgs worldwide, and you'd still miss some of them located in countries which don't have the requirement to create an opt out policy.

  • by jonsmirl ( 114798 ) on Saturday November 02, 2024 @12:58PM (#64914745) Homepage

    As soon as the trial lawyers in Illinois see this PimEyes is going to receive a gigantic lawsuit for violating the BIPA Act in Illinois. Already cost Facebook $650M for essentially the same thing.

  • Hasn't the rule of thumb for spam in the past three decades been to never, never, NEVER click the unsubscribe or opt-out links because you just verify that your email address goes to a real person, or in this case, who EXACTLY you are?

    Also, David, check that first paragraph. A link broke.

  • Should You Opt Out?

    No, everybody should sue PimEyes.

  • creeps have used it to publicize strangers' personal information from just their image

    It's only a matter of time until some victim is found dead, and we find out how the murder used PimEyes to find who & where their victim was.

    This is a lawsuit waiting to happen.

    1. Claim to have created a giant database of personal images from the web...
    2. Create a service which allows anyone to identify anyone else with just one image. It doesn't matter if it works well or not, because...
    3. Allow people to opt-out of said service by providing personally identifying information with a photograph.
    4. Create a database of confirmed photos/personal information matches from the opt-out process.
    5. Sell said database to an affiliated company, which will do #1 and #2.
    6. Have affiliated company charge
  • I'll rephrase what should have been the first post here:

    Fornicate PimEyes in their delicate orifices and do so to everyone who even looks like them.
  • by silentbozo ( 542534 ) on Saturday November 02, 2024 @01:24PM (#64914787) Journal

    Historically the easiest way to actually ensure individual privacy is to show that a given vulnerability has been used to out a politician or some other high level figure in government, or high-profile individual (wealthy donor or actor/actress).

    https://en.wikipedia.org/wiki/... [wikipedia.org]

    "The Video Privacy Protection Act (VPPA) is a bill that was passed by the United States Congress in 1988 as Pub. L. 100–618 and signed into law by President Ronald Reagan. It was created to prevent what it refers to as "wrongful disclosure of video tape rental or sale records"[1] or similar audio visual materials, to cover items such as video games.[2] Congress passed the VPPA after Robert Bork's video rental history was published during his Supreme Court nomination and it became known as the "Bork bill".[3] It makes any "video tape service provider" that discloses rental information outside the ordinary course of business liable for up to $2,500 in actual damages unless the consumer has consented, the consumer had the opportunity to consent, or the data was subject to a court order or warrant. "

    A different attack would be to claim right to likeness, for states where that is a thing (like California.) https://corporate.findlaw.com/... [findlaw.com] It would be best to crowdsource all affected parties and sue them simultaneously NOT as a class action, in order to force them to individually respond to each lawsuit, in order to bleed them dry and create a higher likelihood that they'll miss a response and be subject to a default judgement. Ideally you'd pierce the corporate veil (I'm assuming whoever set this thing up is not stupid enough NOT to use the protection of a corporation) and sue not only the company involved, but the parties directly.

  • So many people do destructive things with their computers; they might as well something constructive.
  • The demands of the opt-outs are obviously bullshit. The obvious way would be to allow you to opt-out by simply uploading a short video snippet of your face saying “I'm opting out” (or variations of the same in the language and tone of your choice).

  • So no "opting out". Unless you opt in with informed consent, they cannot have your face. And you can withdraw consent again.

    • by cusco ( 717999 )

      Unfortunately for 'opt in' to be the rule you'd have to include the political parties and all their associated spammers and mass mailers, so it's not likely to happen.

  • by Anonymous Coward

    Yes, you should opt-out. But not by sending a selfie, but by sending a GDPR request. How they manage to remove your images without a selfie is their problem, they weren't allowed to collect it first place.

"Show me a good loser, and I'll show you a loser." -- Vince Lombardi, football coach

Working...