AI is systemic in our daily lives. Its algorithms improve supply chains so you can get your packages in days rather than weeks. AI systems predict when your car will need maintenance, they help with the efficient delivery of energy to our homes and offices. And innovations such as AI applications in health care and agriculture are improving peoples’ lives the world over. Yet, at the same time, people are asking very important questions about potentially negative impacts of technology.
As policy makers worldwide consider how to address questions of trust in technology, IBM has consistently advanced the principle of precision regulation. This approach emphasizes carefully targeting policy to address legitimate concerns while promoting innovation, protecting consumer rights and ensuring accountability. Just as we called for this approach to stop the spread of harmful online content, we also believe it could help lawmakers address the privacy and civil rights concerns that have been raised around AI. As an example, consider facial recognition.
Our face is the most intimate and personal expression of our identity. It’s who we are. So, it’s perfectly reasonable for society to have some uneasiness about any technology capable of capturing, storing, and analyzing facial images, or potentially using them as a means of identification. However, blanket bans on technology are not the answer to concerns around specific use cases. Casting such a wide regulatory net runs the very real risk of cutting us off from the many – and potentially life-saving –benefits these technologies offer.
At IBM, we believe a precision regulation approach can inform a reasonably-balanced governance framework for facial recognition systems. But before considering what such a framework would look like, it’s essential that policymakers fully understand that not all technology lumped under the umbrella of “facial recognition” is the same. While these systems may all include the same basic components, they fall into three basic and distinct categories:
Each of these technologies and their uses can raise specific questions and possible concerns, ranging from privacy and civil liberties to user security and safety. In considering whether and how best to regulate any technology – from nuclear power to the Internet – it is imperative to consider both the use and the ultimate end-user. Facial recognition systems are no different.
Instead of simply banning an entire category of technologies with so many possible applications, including many that are helpful and benign, policymakers should employ precision regulation that applies restrictions and oversight to particular use-cases and end-users where there is greater risk of societal harm. Broad rules that fail to differentiate between these various applications likely will lead to unintended consequences that can reach far beyond the issues targeted by the original regulation. For example, recent municipal bans on the use of facial recognition technology by government may cut consumers off from a convenience that could make one aspect of air travel a little less frustrating or aid first responders in rapidly identifying victims of a natural disaster. It simply does not make sense to subject a smartphone and a police body camera to the same regulatory treatment. The same technology used in different situations by different users should be governed by different rules.
There are also clear use cases that must be off-limits. For example, any use of facial recognition for mass surveillance or racial profiling is a clear violation of basic human rights and freedom, and no society should tolerate the use of technology to further such injustices. And providers of facial recognition technology must be accountable for ensuring they don’t facilitate human rights abuses by deploying technologies such as facial matching in regimes known for human rights violations. The principles and laws that apply to the world of atoms should also apply to the world of bits.
At IBM, we believe in the power of innovation to make the world a smarter, healthier, and more prosperous place. And although technology itself is neutral, we fully appreciate that some technology could be deployed in ways that negatively impact society’s trust and confidence in its potential. That’s why we are committed to the responsible stewardship and deployment of new technologies, and why we believe precision regulation can strike the right balance between unlocking benefits and mitigating legitimate concerns.
Specific provisions we believe it would be appropriate to address through such regulation include:
These common-sense limitations that respect user’s right to choice, and control over their personal information, should be the baseline for any responsible company or organization. And companies that choose not to comply should be subject to the full force of regulatory enforcement.
One example of an effort to apply precision regulation to facial recognition has just come from the United Kingdom, where the Information Commissioner has called for a “binding code of practice” to “give the police and the public enough knowledge as to when and how the police can use [live facial recognition] systems in public spaces.” Live facial recognition, or LFR, is a subset of the “facial matching” category discussed above, and the commissioner’s approach is very much consistent with our notion of requiring greater transparency and disclosure into the use and impact of these systems. As lawmakers worldwide grapple with public debate over this technology, different jurisdictions will develop different approaches based on their laws and customs, but the idea of applying precision to balance benefits and risks can be universal.
Policymakers should not wait to address public concerns over facial recognition. But calls for blanket bans are neither helpful nor practical. Why ban a technology that could save time, save money, or save lives? Government, industry and civil society groups must work together to move beyond lofty, hollow pronouncements, and focus on practical solutions to a very real-world problem. That’s a conversation IBM welcomes.
-Christina Montgomery, Chief Privacy Officer, IBM
-Ryan Hagemann, co-Director, IBM Policy Lab
About IBM Policy Lab
Sign up for the IBM Policy Lab newsletter for our latest updates:
Media Contact:
Adam Pratt
202-551-9625
arpratt@us.ibm.com