MIT Technology Review reports on the problems that can arise when social-networking sites such as Facebook, Google+ or Twitter are mined for information on their users:
Last week in Las Vegas, at the computer security conference Black Hat, Alessandro Acquisti, an associate professor of information technology and public policy at the Heinz College at Carnegie Mellon University, showed how a photograph of a person can be used to find his or her date of birth, social security number, and other information by using facial recognition technology to match the image to a profile on Facebook and other websites. Acquisti acknowledges the privacy implications of this work, but he warns that the biggest problem could be the inaccuracy of this and other data-mining techniques.
Acquisti says that his current work is an attempt “to capture the future we are walking into.” In this future, he sees online information being used to prejudge a person on many levels—as a prospective date, borrower, employee, tenant, and so on. […]
But Acquisti’s research demonstrated the pitfalls of placing too much relevance on social networking data. His team took photos of volunteers and used an off-the-shelf face recognizer called PittPatt (recently acquired by Google) to find each volunteer’s Facebook profile—which often revealed that person’s real name and much more personal information. Using this information, the team could sometimes figure out part of a person’s social security number. They also created a prototype smart-phone app that pulls up personal information about a person after they are snapped with the device’s camera. […]
But this means that two-thirds of the time, they did not identify people correctly. And those who were correctly identified were still incorrectly matched 25 percent of the time to particular personal interests, and more than 80 percent of the time to the wrong social security number.
Acquisti expects facial recognition technology to continue improving in coming years, and he asks what will happen once it is considered good enough to be trusted most of the time. It could be nightmarish for those who are misidentified. “There’s nothing that we, as individuals, can control,” he says.