> They contacted Facebook, which at the time dominated the social media landscape, asking for help scouring uploaded family photos - to see if Lucy was in any of them. But Facebook, despite having facial recognition technology, said it "did not have the tools" to help.
Willing to bet my life savings that they are able to do exactly this when the goal is to create shadow profiles or maximize some metric.
> The BBC asked Facebook why it couldn't use its facial recognition technology to assist the hunt for Lucy. It responded: "To protect user privacy, it's important that we follow the appropriate legal process, but we work to support law enforcement as much as we can."
You don't need to imply they didn't read that part, because it doesn't really affect the point of the comment, that Facebook doesn't actually care about privacy. Even if they're not sharing things willy-nilly, they're still aggressively tracking everyone they can.
The two views aren't necessarily in conflict. I don't appreciate Facebook's use of facial recognition technology, but they built it. I'm extremely disappointed they proceeded to use this technology to influence elections while fighting against making the data available to law enforcement. I understand this may not have been intentional on their part, but the result is the same, and I was not at all surprised by it.
There's another option "I will but only if ..." which is what Facebook rightfully went with. Come back with a warrant is _always_ the correct answer when dealing with LE.
A fourth option is "I can and I will, but only after certain prerequisites are met - go away and meet them first", which looks to me what they were saying.
> From that list of 40 or 50 people, it was easy to find and trawl their social media. And that is when they found a photo of Lucy on Facebook with an adult who looked as though she was close to the girl - possibly a relative.
It sounds like Facebook was a huge boost to the investigation despite that.
Facebook did nothing to assist in narrowing a search area.
What Facebook actually did was host images .. so that after the team narrowed a list down to under 100 people they could look through profiles by hand.
It may as well have been searching Flickr, Instagram, Etsy, etc. profiles by hand.
Yes, and if Facebook didn't exist, presumably these images connecting the abuser to the victim wouldn't have been available anywhere for the investigators to find.
If Facebook didn’t exist, they would’ve found the photos on MySpace. Come on.
All Facebook likely did here that was any different than any other social media platform would have done, was gather Sandberg, Zuck and a cadre of snotty, sniveling engineers in a conference room and debate whether this was good engagement for the platform.
Facial recognition is very powerful these days. My friend took a photo of his kid at the top of Twin Peaks in SF, with the city in the background. Unfortunately, due to the angle, you could barely see the eyes and a portion of the nose of the kid. Android was still able to tag the kid.
I feel like Facebook really dropped the ball here. It is obvious that Squire and colleagues are working for the Law Enforcement. If FB was concerned about privacy, they could have asked them to get a judicial warrant to perform a broad search.
But they didn't. And Lucy continued to be abused for months after that.
I hope when Zuck is lying on his death bed, he gets to think about these choices that he has made.
Google photos has the advantage of a limited search space. Any photo you take is overwhelmingly likely to be one of the few faces already in the library. Not to say facebook couldn't solve the problem. But the ability of Google to do facial recognition with such poor inputs is that it's searching on 40~ faces rather than x billion faces.
> I feel like Facebook really dropped the ball here
This story was from more than a decade ago.
Facebook had facial recognition after that, but they deleted it all in response to public outcry. It’s sad to see HN now getting angry at Facebook for not doing facial recognition.
> I hope when Zuck is lying on his death bed, he gets to think about these choices that he has made.
Are we supposed to be angry at Zuckerberg now for making the privacy conscious decision to drop facial recognition? Or is everyone just determined to be angry regardless of what they do?
> I feel like Facebook really dropped the ball here
This case began being investigated on January 2014 [0], which means abuse began (shudder) in 2012-13 if not earlier.
Facebook/Meta only began rolling out DeepFace [1] in June 2015 [2]
Heck, VGG-Face wasn't released until 2015 [3] and Image-Based Crowd Counting only began becoming solvable in 2015-16.
> Facial recognition is very powerful these days.
Yes. But it is 2026, not 2014.
> I hope when Zuck is lying on his death bed, he gets to think about these choices that he has made
I'm sure there are plenty of amoral choices he can think about, but not solving facial detection until 2015 is probably not one of them.
---
While it feels like mass digital surveillance, social media, and mass penetration of smartphones has been around forever it only really began in earnest just 12 years ago. The past approximately 20 years (iPhone was first released on June 2007 and Facebook only took off in early 2009 after smartphones and mobile internet became normalized) have been one of the biggest leaps in technology in the past century. The only other comparable decades were probably 1917-1937 and 1945-1965.
Facebook rightly retired their facial recognition system in 2021 over concerns about user privacy. Facebook is a social media site, they are not the government or police.
When people on hacker News talk about requiring cops to do traditional police work instead of doing wide ranging trawls using technology, this is exactly what they meant. I hope you don't complain when the future you want becomes reality and the three letter agencies come knocking down your door just because you happened to be in the same building as a crime in progress and the machine learning algorithms determined your location via cellular logs and labelled you as a criminal.
There’s a pretty big difference between surveillance logging your every move your and scanning photos voluntarily uploaded to Facebook.
No, I don’t like Facebook using facial recognition technology, and no I don’t like that someone else can upload photos of me without my consent (which ironically could leverage facial recognition technology to blanket prevent), but these are other technical and social issues that are unrelated to the root issue. I also wish there were clear political and legal boundaries around surveillance usage for truly abhorrent behaviour versus your non-Caucasian neighbour maybe j -walking triggering a visit from ICE.
Yes, it’s an abuse of power for these organisations to collect data these ways, but I’m not against their use to prevent literal ongoing child abuse, it’s one of the least worst uses of it.
The grim meathook future of ubiquitous surveillance is coming regardless. At the very least we could get some proper crime solving out of it along the way.
The EU AI act activates this year. Facial recognition is in the restrictive list. You don't want to give auditors ammunition before it goes live as top fine would cost FB around $4B, and wouldn't be a one time fine.
Even if only law enforcement can use it, having that feature is highly regulated.
[edit] I see this is from years ago. I should read the articles first. :)
I would hazard a guess that the facial recognition will limit the search scope to people associated (to some degree) with your friends account and some threshold of metrics gathered from the image. I doubt it is using a broad search.
With billions of accounts, the false positive rate of facial recognition when matching against every account would likely make the result difficult to use. Even limiting to a single country like UK the number could be extremely large.
Let say there is a 0.5% false positive rate and some amount of false negatives. With 40 million users, that would be 200 000 false positives.
The only explanation for this comment is you never used reverse image search by Google or yandex before it was nerfed or you'd know this is super plausible to find direct hits without many false positives.
It seems to me that the BBC is including those passages at the beginning and end of their story as propaganda so the public begs (demands, even) for more surveillance, and the sale of private data to the government. I mean, think of the children, like Lucy! Seems to be having that effect in this thread, in any case.
It’s absolutely propaganda and a perfect example of how the public gets manipulated on a daily basis. Let’s break down the facts:
- Pushes for facial recognition
- Pushes for more state run surveillance
- Pushes for AI based surveillance
- Pushes for greater data collection, access & mining
- Legitimises it all under the classic “save the kids” meme and pushes emotionally hard for more.
The main issues i’ve seen discussed on HN the last couple of months have been critical of the never ending and increasing government surveillance. Both sides of the pond. This is their answer.
Simultaneously we’re hearing about how almost anybody and everybody beyond a level of power was well aware of industial level sex trafficking and abuse, and either totally turned a blind eye or joined in.
The article might carry some weight if it wasn’t from an authoritarian state backed organisation that’s very well known for covering up for, and protecting multiple famous high level sexual criminals within it’s own organisation, spanning multiple decades, that has never faced any real audit, investigation or justice for its own crimes.
I keep an iPhone SE 1st gen as a secondary phone. It still has the last best keyboard iOS had. Almost zero mistakes. Probably because no AI and other overoptimizitation BS. Every time I go back to my primary 13 I want to cry.
I have more than 20 years of email in my gmail account.
How do I even start migrating?
And even if I migrate, I will need to keep my address alive and forwarding to my new address at least for a few years. So no privacy gains there either.
Does anyone have concrete advice as to how to make the transition?
My gmail address was also almost exactly 20 years old when I migrated two years ago. Here's how I did it:
--
1. Register your domain (if you're doing that) and get fastmail set up -- I remember feeling a physical discomfort clicking "register" on fastmail, it felt like such an insanely impossible thing to do.
2. Set up the IMAP link so that anything sent to your gmail gets delivered to fastmail. Doing so also allows you to send email from your gmail address (with valid spf/dkim) if you want to.
3. Import all your old mail using fastmail's import tool, which Just Works.
4. Set up a vacation autoresponder in gmail that responds only to people in your contacts with a note telling them your new address.
5. Set up a label and filter in fastmail for anything that was addressed to your gmail, so you can easily see what is still sending you email on your old address to assist with migrating services.
--
It worked a charm. I was completely convinced of it within a week, long before the 30 day free trial ran out. I have been an immensely happy customer since then. Could not imagine going back.
Yeah, I feel that. But I promise you, within one week I had one single regret: that I had not done this years ago.
Also, I very much recommend using your own domain. It greatly eases the feeling of having to commit, because your email address is not tied to your provider. That is, if you ever decide fastmail is not for you, next time the switch will be invisible to everyone else.
That's what I thought as well, until I actually started migrating. I learned a few things:
* You probably don't have that many accounts associated with the email, actually. I have about 50 accounts that I care about enough to move, which took me a morning, but it's doable.
* For the same reason, you probably don't have that many (real human) contacts as well. But I could be very wrong. For me, I still occasionally use Gmail to communicate with a few people (like every two months), but that's infrequent enough that I don't care about how bad Gmail is.
* You probably want to review which services you don't regularly use any more, and if you don't have precious data stored with them (you probably shouldn't), consider closing the account instead of changing the email address, if that's an option for the provider.
* You can of course keep checking the original inbox or do forwarding. My experience is that, very quickly, I only need to occasionally check the old email. I still get a few useful emails here and there, but it's manageable. (Plus emails that remind me I should just delete the account)
> I will need to keep my address alive and forwarding to my new address at least for a few years. So no privacy gains there either.
Ya, there's no way of not letting google know what your new address is, but you're going to be emailing a lot of gmail addresses anyway so there's no way around that, really. But with the forwarding they only know incoming mail.
I switched off gmail 3.5 years ago and all I can say is that it wasn't anywhere near as scary as I thought it would be. I setup an auto-responder that would hound people to update their contacts for me and slowly switched over services I cared about (and closed others!) An important point, though, is that I don't really care about old emails. I do still have access to my gmail account, of course, but I have yet to go back. Surely there is a way to export everything and import it into something searchable, though?
Fastmail provides an easy way to migrate [0]. I setup a label in my Fastmail account that will tag all mail coming in from Gmail. Then you go through that list at your leisure and make the requisite contact with the people or services emailing at the old address. It's really not difficult at all. I've been on Fastmail for ~4 years now, and haven't once considered looking back or regretted it. Good luck.
Exactly this! After ~3 years I rarely receive an email with the Gmail tag now that all contacts/services have been switched over (or unsubscribed). Fastmail is easily my most valued paid service, and yet I never have to think about it. Just works very well.
Another happy Fastmail user here. Other than for email, great perks of Fastmail are that it lets me mount my own domain(s) for email and I can even host simple static websites for those domains.
Do you really need for the old emails to be "in an account" to make sense of them? Google lets you just download an archive that can be loaded in a local mail reader.
I was in the same boat as you. I tried Fastmail and they have a really great tool that just did it. I was skeptical but after I tried it was very pleased. Give it a shot.
Willing to bet my life savings that they are able to do exactly this when the goal is to create shadow profiles or maximize some metric.
reply