You’ll be tagged


Get the short URL

Let me introduce you to a friend of mine.


Okay, not a friend. I don’t know who he is. But he accidentally appeared alongside me in a photo taken in Tokyo this week. He’s down here, above my left shoulder. Let’s call him “他人” (stranger).


I was tired, and drinking hot coffee from a can. Why on earth don’t we have this in North America?

I didn’t even notice him. But Facebook did. When I uploaded the picture, Facebook asked me his name:

scanpicWhen he decided to stroll through Harajuku yesterday afternoon, 他人probably had a reasonable expectation of privacy  His expectation came from three basic assumptions:

  • He did not expect to be photographed
  • He did not think a stranger would know who he was
  • He did not expect any sightings of himself to be stored in a shared public place

In other words, he thought that most of the people who saw him would have no context to recognize him, and that any sightings would be ephemeral and soon forgotten.

But those assumptions are rapidly crumbling. Everyone takes pictures now, and as we get prosthetic brains—in the form of Google Glass—we’ll record everything we glimpse. It doesn’t matter whether we know what’s in those glimpses, or even if we paid attention. They’re recorded, and someone, somewhere, has context.

Crowdsourcing facial recognition

If I upload many pictures of the same person (say, thirty photographs of my daughter) Facebook groups them into people it recognizes.


In the example above, Facebook has found several “people” (all of whom are in fact the same person—my daughter) and asked me to name them. By telling Facebook they are all the same person, I have taught Facebook’s algorithms how to recognize her better. This happens whether I share the pictures with anyone, or simply keep them to myself.

In an entirely separate life from my own, 他人 probably has friends who tag him on Facebook. When the facial recognition algorithm doesn’t guess who he is (because of the lighting, or the position of his head, for example) his friends helpfully supply his name. His friends are training the system to better recognize him, just as I am training it to better recognize my daughter.

I have a picture of 他人; his friends have the context to recognize him; and his image is stored forever on Facebook’s servers. The intersection of these three facts is a place of little privacy:


More and more metadata

I gave Facebook a considerable amount of additional information when I uploaded the picture: where and when I took it, my phone’s GPS, the kind of phone I had, and so on.

Picture metadata

Smartphone picture-taking is further helped by tools like Google Goggles that can find text, logos, and clues in images. It can infer things about the weather (from the exposure levels or cloud cover) and my surroundings (from the signage on stores around me.)

Here, for example, is a screenshot of Goggles from a trip I took to Prague in the Czech Republic last year:


Without assistance, using only the edge of a building, Goggles has figured out what the landmark in front of me is.

These are free tools. This is the kind of technology that Three-Letter Agencies could only dream of a decade ago; now, such software is commonplace and often runs in the background, by default.

The result of all this is that, once the training is good enough, every time 他人 shows up in a photo, Facebook will have the necessary information to know where he is and have an idea about what he’s doing.

To be clear: Facebook doesn’t really know it today.

  • There are 127M people in Japan, and only 13.5M (10.5%) of them use Facebook.
  • Globally, only 1.06 Billion of the over 7 Billion people on the planet (15%) use the social network.
  • Facebook has better things to do than violate privacy agreements.
  • Most importantly, analyzing every upload against every picture of every one of Facebook’s users is costly and time-consuming.

Let me repeat: Facebook isn’t currently doing this. But all of the systems are in place to make it trivially easy to do so, and while it might be prohibitively costly to do it for the whole world, it’s downright easy to do it for “persons of interest”.

Can a photograph steal your soul?

Much of the concern over tools like Google Glass has centred around the ubiquity of recording. To me, it’s not the pictures that matter—it’s that we’re training the machine to find context within them in shared environments. The rapid convergence of anonymous data collection, crowd-sourced tagging, and central sharing changes the game dramatically.

A world in which every public sighting is part of a searchable record of our activity is a strange one indeed. Maybe Native Americans were right.

At first, many Native Americans were wary of having their photographs taken and often refused. They believed that the process could steal a person’s soul and disrespected the spiritual world.

Consider the implications of this for law enforcement. There’s no warrant for surveillance—there doesn’t need to be. Insurance adjustors might one day subpoena such records to see if a claimant is actually ill. Spurned spouses could use this information in divorce proceedings.

Maybe you aren’t a criminal. Maybe you have nothing to fear. But as Monty Python reminds us, who hasn’t broken the law?

What kinds of legal protections need to be put in place for this? What protections could be put in place? Can a social platform be compelled to release evidence that could absolve or convict someone? And at what point can a government apply a sort of digital “eminent domain” and access private information to find someone?