It has been reported that Clearview AI suffered a data breach that involved its entire list of customers. Clearview’s clients are mostly law enforcement agencies, with police departments in Toronto, Atlanta and Florida all using the technology. The company has a database of 3 billion photos that it collected from the internet, including websites like YouTube, Facebook, Venmo and LinkedIn. This comes on the heels of their photo-scraping and facial recognition capabilities raising major privacy concerns.
Commenting on this, Tim Mackey, principal security strategist within the Synopsys CyRC (Cybersecurity Research Center), said “In cybersecurity there are two types of attacks – opportunistic and targeted. With the type of data and client base that Clearview AI possess, criminal organisations will view compromise of Cleraview AI’s systems as a priority. While their attorney rightly states that data breaches are a fact of life in modern society, the nature of Clearview AI’s business makes this type of attack particularly problematic. Facial recognition systems have evolved to the point where they can rapidly identify an individual, but combining facial recognition data with data from other sources like social media enables a face to be placed in a context which in turn can enable detailed user profiling – all without explicit consent from the person whose face is being tracked. There are obvious benefits for law enforcement seeking to identify missing persons to use such technologies for good, but with the good comes the bad.
(20)
Article Link: http://digitalforensicsmagazine.com/blogs/clearview-ais-entire-client-list-stolen-in-data-breach-comment/