Automatisierte Gesichtserkennung: Warum die Technik gefährlich ist.

Automatisierte Gesichtserkennung: diese Woche is eine Recherche zu dem US Unternehmen Clearview durch die Medien gereicht worden. Die Artikel haben jeweils viel Aufmerksamkeit auf sich gezogen.

Claudia Orsini. cyber. - Automatisierte Gesichtserkennung.
Claudia Orsini. cyber. CC-BY-2.0, Flickr.

Gesichtserkennung ist das Feature, das man bereits von Fotoverarbeitungsprogrammen, Handys und sogar Sozialen Medien kennt. Für die meisten Nutzer dieser Programme oder Dienste ist das meist ein lustiges, manchmal sogar nützliches Feature. In einer großen Sammlung von Fotos schnell alle für die Geburtstagsfeier alle Freunde wiederzufinden, ist schon praktisch.

Wenn diese Funktionalität die Grenzen der privaten Nutzung überschreitet beherbergt die Anwendung große Gefahren. Zum einen handelt es sich hier im eine private Firma. Weder weiss eine betroffene Person, ob Ihr Bild in der Datenbank geführt wird, noch ist eine Kundenliste der Firma bekannt. Das bedeutet, dass die Anwendung der Datenbank ebenso unklar ist, und damit auch Missbrauchspotential eröffnet. So gab es bereits Fälle, in denen Beamte Frauen nachstellten. Eine Fotodatenbank erleichtert solche Vorhaben. Genauso, wie Regierungen und offizielle Stellen beispielsweise Videoüberwachung öffentlicher Plätze leichter auswerten können. Damit wäre denkbar, Bewegungsprofile von beispielsweise Regierungskritischen Bürgern zu erstellen.

Die Technologie bringt durch Ihren Einsatz im öffentlichen Raum eine automatisierte Verletzung von Privatsphäre der Bürgerinnen und Bürger mit sich, wie auch Ulrich Kelber, Bundesdatenschutzbeauftragter, sich äussert.

In der Süddeutschen hat Simon Hurzt bereits am Dienstag eine handliche Übersicht über die Problematik mit der Technik veröffentlicht. In dem Artikel sind die wichtigsten Fragestellungen über automatisierte Gesichtserkennung antwortet.

Twelve Million Phones, One Dataset, Zero Privacy

Twelve Million Phones, One Dataset, Zero Privacy is part one of One nation, tracked, an New York Times investigation series.

Twelve Million Phones, One Dataset, Zero Privacy

is part one of One nation, tracked, an New York Times investigation series of smart phone information tracking and by Stuart A. Thompson and Charlie Warzel, within their privacy project. The research covers multiple topics, only starting out with an analysis of the potential contained in smartphone tracking information.

What we learned from the spy in your pocket.

Twelve Million Phones, One Dataset, Zero Privacy

The authors analyse a large dataset of location information from New York and Washington, DC, cell phone users. With the analysis, the article debunks myths about data privacy. The key takeaway of the analysis, to my interpretation are:

Twelve Million Phones - One Mobile Phone User in Munich
Mobile Phone User – Munich
  1. Data is not anonymous – the authors successfully identified a Senior Defense Department official and his wife. And this was possible during the Women’s March. According to authors, nearly half a million descended on the capital for this event. (Other sources only mention one hundred thousand attendants)
  2. Data is not safe – the authors point out complex relationships of companies in the tracking business. Complexity makes it impossible to ensure ownership. There is no foolproof way for anyone or anywhere in the chain to prevent data from falling into the hands of a foreign security service.
  3. Affected persons cannot consent – the authors criticism seems reasonable. Virtually all companies involved with tracking require user consent. And even cell phones make the geo-tracking feature visible to users. Only barely anyone in the business makes purpose transparent. In other words, no company prominently announce how they package and sell data or insight.

One Nation, Tracked

The article is a creepy read, but worth the time spending. The series One Nation, Tracked continues with 6 other parts:

  1. discussing how to Protect Yourself
  2. National Security, which is for the the US in the article.
  3. details on How it works
  4. individual spying in One Neighborhood
  5. Protests is about how this business betrays democracy
  6. And offers Solutions through privacy rights.

Source: Opinion | Twelve Million Phones, One Dataset, Zero Privacy – The New York Times

Hello twenties.

Hello twenties.


Social media is a mistake: Let me start the new decade in the Photo category with a video. In the past year I challenged myself and take a picture every day. The project was inspired by an old, fellow student. It sounded easy in first place, turned into a challenge soon and I use to self-reflect upon achievements and new experiences. Taking a photo of something new every day will make you start think about what you did. Sometimes, after a long day in office, it requires plenty of discipline to pay attention to your schedule and environment.


To measure the result, when starting, I decided to go for Instagram. Get Likes has never been the goal. The level of interaction with the platform and exposure to the crowd I got there gave plenty of insight into how the crowd works. But the service never convinced for many reasons. As stated elsewhere, the experience just re-affirmed my feeling that social media is a mistake.

The medium is driven by vein and pride, just as Scott Galloway put it, the seven deadly sins. These are not good guidance in first place. And they are by no means compatible with the goals of the project, even though it generated plenty of attention and positive feedback.


And finally, the company owning Instagram, Facebook, requires to accept a license through their Terms of Service to grant to them a non-exclusive, transferable, sub-licensable, worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content (consistent with your privacy and application settings) for purposes of making the Instagram Service available. While comprehensible the service needs authority over content to offer the service, these purposes are too broad for what I want to achieve. Instagram is driven by users registered and wouldn’t allow the audience I have in mind to consume the photos without registering. Just try scrolling through the page, it will require registration quickly.


You can end this license anytime by deleting your content or account. Following the Terms of Service, this is the only way to not grant these. And while Instagram offers means to download all content, this still ain’t too easy: all the content over there has meta information, like comments and or locations, that are not straight forward to transfer. Which brings me to one of next years resolutions: not only continue my own project here – to take a photo every day as an act of self-reflection. But also to migrate existing content from Instagram over here.

Hello twenties: Instagram Err(or?)
Instagram Error

And the same is true for other social media. For example, LinkedIn does also leverage such mechanisms. While the above is only an example, I try to put more attention to these models. And this page shall serve as a basis to replace others in the .

Social media is a mistake. Take back the web and decentralise the next decade.

Kampf gegen Facebook: Rückenwind für Schrems vor EuGH

Schon seit den Snowden Leaks setzt Max Schrems sich gegen Facebook und für Datenschutz in Europa ein. Noch am 19.12.2019 hat das EuGH in seinem Sinn entschieden, schreibt der Österreichische Rundfunk:

Am Donnerstag errang er [Max Schrems] einen Etappenerfolg: Der Generalanwalt des Europäischen Gerichtshofs (EuGH) empfahl dem Gericht, bei einigen Grundsatzfragen zum Datenaustausch zwischen den USA und EU in Schrems’ Sinne zu entscheiden.

Source: Kampf gegen Facebook: Rückenwind für Schrems vor EuGH –

Quitting Google

Nithin Coca of The Next Web went on a quest to quitting Google. In this article, he describes his experience and gives plenty of pointers on how to achieve the same. He start out making a point about individual privacy, and points out individual alternatives to popular Google services. Starting from using Firefox over Chrome to particular services for daily office use. At the end of the year, this little “Quitting Google” guide contains little news, but serves as a good starting point to maybe develop a new years resolution and be more sensitive about privacy in the upcoming year 2020.

Nithin Coca of The Next Web
Nithin Coca of The Next Web

Over the past six months, I have gone on a surprisingly tough, time-intensive, and enlightening quest — to quit using, entirely, the products of just one company — Google. What should be a simple task was, in reality, many hours of research and testing. But I did it. Today, I am Google-free, part of the […]

Source: How I fully quit Google (and you can, too)

Unbekannte dringen in Server von Conrad Electronic ein

Ist hier jemand Online-Kunde von Conrad-Elektronik?

Conrad Elektronik
Conrad Elektronik Markt

Durch eine Sicherheitslücke verschafften sich Unbekannte Zugriff auf Conrad-Server mit 14 Millionen Kundendatensätzen.

Source: Unbekannte dringen in Server von Conrad Electronic ein | heise online

Google chief: I’d disclose smart speakers

“Does the owner of a home need to disclose to a guest? I would and do when someone enters into my home, and it’s probably something that the products themselves should try to indicate.”

Well, d’uh. If Rick Osterloh, SVP of Devices and Services, says so. At least the BBC writes.

Safari in iOS sends data to Tencent

Engadget reports, that with iOS 13 Apple started checking website details against fraudulent behavior with Tencent. While Apple already uses “Google Safe Browsing” to improve security, this behavior has been difficult before. With the latest developments in Hong Kong and China, this approach is – at a minimum – questionable and overshadows trustworthiness of Apple hardware. Engadget comments accordingly:

You might not have to worry outside of China, but it’s still a concern.

Source: Safari in iOS sends some Safe Browsing data to Tencent

Facebook lost phone numbers

Again, it’s Facebook, that made news with a data breach. TechCrunch reported first about midnight Euroean time, but it’s all over the news by today, noon. It’s time to realize social media is a mistake.


Heute hat der Europäische Gerichtshof in einem Fall von FashionID, des Onlineshop des Modehändlers Peek & Cloppenburg, ein Urteil gesprochen. Es geht darin darum, wie mit der Weitergabe von Benutzerdaten bei der Verwendung von 3rd Party Content umgegangen werden muss. Dass der Einsatz von beispielsweise Facebook Like Buttons

Unter anderem versucht die Tagesschau aufzuklären. Weil das Urteil durch den EuGH ergangen ist und daher Konsequenzen über Deutschland hinaus haben wird, berichten auch internationale News wie Techcrunch und Yahoo(Reuters).

Simon Assion von #twobirds, Twitter-aktiver Rechtsanwalt, fasst eben dort einige Stichpunkte zu dem Urteil in einem Thread zusammen.