Where will it all end?
The vending machine will welcome you back, offer you the usual and ask how the wife and kids are. Kinda like a bar tender........
If you're looking for a future privacy panic, look no further than the coming wave of PC-powered pic-snapping age-guessing vending machines. The idea behind such machines is simple: if you can pop a PC inside a vending machine you get the ability to manage it more effectively and to measure which goods are selling well or …
As always, it's not the cameras that are the problem - if you're in a public place, you can reasonably expect to be photographed by CCTV and people with cameras alike. There's no privacy invasion there, because a picture is just a picture.
The problem is the face-recognition software attached to the cameras. That's where the privacy violation comes in, because it goes from being just a picture to a direct automated means of identification. Use of this sort of software needs to become subject to strict regulation and privacy legislation, not the use of cameras alone.
Imagine if the vending machine company buys access to Facebook's face-recognition database and uses it to identify people walking past the machine. I can picture some vending machine yelling out, "Hey, Steve! Steve Roper! Come here, I've got some awesome snacks for you!"
Now in my book that is a violation of my privacy, regardless of my being in a public place. A person who knows me and recognises me and calls my name is one thing, but a machine doing it to all and sundry via a database whose information was submitted under conditions of privacy is something else entirely.
This shit needs to be nipped in the bud, and it needs to be nipped in the bud NOW.
@Steven Roper
But, but . . . the economy!
Right with you mate. The problem is that technology is advancing far quicker than the laws governing it. Partly because of the speed of the developments, partly because of the slowness of bureaucracy but mostly I suspect because vested interests are far closer to the ears of our elected so-called representatives than the the electorate is.
The starting premise is simple: personal privacy is more important than the profit. That then becomes the test.
"The problem is that technology is advancing far quicker than the laws governing it. Partly because of the speed of the developments, partly because of the slowness of bureaucracy but mostly I suspect because vested interests are far closer to the ears of our elected so-called representatives than the the electorate is."
The irony is that advancing technology like this is probably one of the few areas in which lawmakers need to be moderately active, as laws governing well established concepts like theft, assault and homicide have largely reached steady state. Yet they prefer to waste their time with endless tweaking -- or berating us about what we eat, drink or inhale.
Not necessarily - laws like data protection would surely cover both a database with your name/photo, and the photos taken by the machine.
Given many Governments track record on creating new laws in response to technology, the last thing I want them to do is do it hastily. Given your fears about vested interests, hastily-passed new laws may not be in our favour.
And how long it will be before it sees one?
"Hello, your arseprint has been recognised and law enforcement is on the way to review the evidence of your indecent exposure. Care to purchase a delicious drink while you wait"
Mine's the one with the big slit up the back.
"Hey Steve, Steve. Shouldn't you be at work right now?"
"I can forget I saw you for £20"
"No, hold on, hold on, she's not your wife, insert another £20"
"Hey hold on, I see you earned a princely fortune last year, make that another £100"
"Oh this just gets better, I see from the electoral register you voted for UKIP, insert your entire wallet or I'll put it over the tanoy"
Laughable, but I doubt the fizzy drinks people will consider spending a bottle cap on securing the data, so any hacker could quite easily do the above.
* Note, I do not know Steve and have invented the above scenarios for the purpose of entertaining whilst educating. If his boss is reading this, he was busy at work all day.
This reminds me of the days back when I was a kid where demo programs in computer shops would say "Type in your name" and then say "Hello, Graham, would you like to play a game?".
So I'd type in something like "Idiot", clear the screen, then wait for someone else to come along...
Now let's see, which profile name should I link with the photo of someone who is likely to walk past one of these machines? "Shit for brains"? "You, yes, the ugly one"? Perhaps just "Wanker" would do...
The cameras can provide information on the demographics of potential customers who do *not* buy anything, especially those who actually throw a glance but then just walk by. Much more useful than looking at the paying customers.
Might even be considered a valid market research application. Unless actual footage or snapshots are stored, and/or facial recognition is involved. Neither is really needed for the described application, but what are the chances?...
> figure out the average age of those likely to use it, to better target the inventory on offer.
Well, yes. The vendors already know what inventory is most popular (since those are the products they have to refill most often). So adding the camera tells them nothing new.
And that's where the privacy concerns come in.
The vending machine can (even without a camera, just using a proximity detector) tell when people are nearby and NOT buying its wares. With the facial recognition that the camera allows, it will correctly get the identities of some (possibly just a small number) of these "lurkers" and through social media can target them. Maybe like this:
"Hello, this is the vending machine by the bus-stop speaking. I noticed that you walk past every day but don't buy anything from me. So here's a voucher for 10% off, valid for the next week. And if you don't use that .... remember, we know where you live!"
or worse: "we noticed that lady you were with every day last week isn't your wife ... "
Perhaps, but that doesn't mean it's not concerning.
It's the little steps from different directions that end up converging into something dystopian. The Minority Report future so often referenced regarding these things is very, very close on the technological side and only legislation will prevent it becoming a reality.
I dare say most consumers would rather avoid that type of future and the only way is for ALL commercial facial recognition to be banned. Straight up - no ifs, ands or buts.
It should be enshrined in the constitution of every democracy.
I would extend it to say that, where facial recognition is the choice of the individual - for example as a biometric lock or for a home-automation system to recognise preferences - the company providing the hardware and software for that purpose is NOT allowed see that data.
Privacy was previously based on natural human limits and thus the laws did not have to be overly strict. Up until relatively recently, it hasn't been possible (much less feasible) to monitor, record, cross-reference and analyse data about all your customers as individuals. You could know what was selling well, when the best days and times were and could correlate things like whether a particular advertisement or special worked well.
Everything has and is changing now and the normal barriers that limited how much our privacy could be invaded and eroded are, largely, gone.
It's funny, in the not-funny-at-all-but-really-rather-upsetting way - for some reason law-makers seem all to easily to be able to see that modern technology poses a threat to content providers in the form of copyright violations or to retailers in the form of Internet shopping but somehow they are rather less able to see that those same advances pose an even graver threat to the privacy of the public.
It's a graver threat because once it is gone, it will be beyond difficult to get it back.
That might sound overly melodramatic* but things like this are really a testing of the proverbial waters. We are already seeing the first, tentative, steps down this path and we know where it leads. All the rest of the pieces are already in place - the huge storage capacities and compute power, the uncounted data points, the analysis engines, the world-wide networks and the immense financial backing - it's all ready, waiting. We're already 90% there - we're already being identified and quantified, our very personalities analysed and commoditised.
It's such a small step and the scouts and skirmishers are already on the opposite bank.
* - If you knew me, you'd know that it's in fact quite measured and sober in comparison to my usual flights : )
Actually it shouldn't be. Rather right at the top.
This tech is *relatively* mild when it comes to treating any form of privacy with both it's hobnailed boots, but as has been pointed out above, it's also quite compatible with current privacy intruding tech that's already Out There. It's *really* easy data to network and collate, to a level that even Government is not allowed to do by law. ( At least.... mine is...)
But the machines may not be commercially viable. It may well be the operational costs are too high for the things to ever be profitable, especially if you have to replace them every other day.
I was talking to someone at a conference the other day who is selling facial recognition (and other things like gait recognition for when it can't get a clear view of your face) to supermarkets to add to the ubiqitious cameras they have in the shops and feed information into their already massive big data business intelligence systems. The supermarkets plan to not only link it to their loyalty card databases but also track you as you walk around the shop to see what route you take, which displays you stop at, etc. And not just statistically -- you.
This isn't the future -- the cameras are here now, the recognition software is here now, and the SI companies are looking forward to big contracts connecting it all together.
Please allow me to re-post my comment to the Coca Cola Slurps Millions of MAC addresses thread (which is here: http://www.theregister.co.uk/2014/01/03/coca_cola_slurps_millions_of_mac_addresses/ )
I can see it now...
A camera on the vending machine will use face recognition matching your face with your facebook profile. Then it will say out loud "Hey Sarah! It's hot today, looks like you could use a coke!"
There'll be a picture of Sarah and her mates, (the picture having come from facebook) looking happy and carefree.
Sarah will say "Oh wow, that's so cool" and immediately start recording it with her Google glasses, and bleeting ^M ^M tweeting the fact that the Coke machine knew who she was. "It's so cool!".
She'll buy a coke. A cherry one. Because they're nice. She doesn't carry cash, because, you know, that's so, like, analogue, man. She only carries a credit card. She pays for the coke with her credit card.
The coke machine will say "Gee, thanks Sarah! You have a great day now!". It simultaneously updates her Facebook profile, posting a message on her wall (or whatever the fuck they're called) saying "Hi, I just bought a Cherry Coke at Edmontons on Vine Street and 3rd, 'cause Coke is IT!". It also simultaneously posts a "like" to the Coke corporation.
The purchase by credit card causes an automatic run of her ID against a known terrorist database. Her name is not on the database. She is not a terrorist.
However, it is noticed that she has an outstanding parking ticket from 6 months ago that she has not paid.
An alert is automatically routed to a patrol car in the area, along with her driving licence details, photograph, and pictures of her from her facebook account, for indentification purposes.
Since they have their phone ID, and she's in a Mall, it's relatively easy to track her location within the mall and the police officer spots her quite quickly. She's talking to some friends and tweeting furiously on her phone.
The officer approaches, and in a friendly manner (it's only a parking ticket, afterall, it's not like she's a terrorist or anything) says "Hi, Sarah, I'm Officer Jenkins from 3rd precint. I'm sorry to bother you, but I'm afraid I need to take you down-town to deal with an outstanding parki..."
Sarah hears "I need to take you downtown" and thinks "Shit! My parking ticket". Panic overtakes her. She runs for it.
Officer Jenkins stands for a moment in amazement, before giving chase. He shouts after her "Sarah! Stop! It's okay! It's just a parking ticket!".
An officer approaching from the other direction sees what's going on, and notes that the young woman is running towards him. Probably a theif - stolen someone's handbag or wallet. He draws his side-arm and shouts "Police! Stop!". He notices she has something in her hand. It might be a weapon. He fires one shot and hits Sarah in the chest. Sarah hits the ground.
Her iPhone smashes on the floor.
"Shit" says the officer.
Officer Jenkins arrives. "What the fuck man? What did you shoot her for? She's just a kid"
"I thought she had a weapon. She was running man. I told her to stop!"
"She's just a kid. Get an ambulance"
Officer Jenkins goes to help her while the other officer radios for an ambulance. And backup.
Sarah's friends arrive, and begin recording the incident with their smart phones, and uploading to facebook, YouTube, twitter et al. Hash tag #OMGSarahOwnedLOL.
Officer Jenkins kneels down next to Sarah. "Sarah, are you okay? Don't worry, we're gonna get you some help. You're gonna be fine."
"I... can't... breathe.... I... feel... cold...."
"It's okay Sarah, everything's gonna be fine. You hold on. You hear me? You hang in there. Sarah. Sarah!"
Sarah's eyes stare lifelessly into the void, as she draws her final breath.
"Oh no!" cries officer Jenkins. Tears welling up in his eyes, he begins mouth-to-mouth.
"Come on Sarah! Stay with me!"
How do we know this?
Because the entire incident was recorded, and uploaded by her Google glass.
Meanwhile, the dead girls' profile reads "I just bought a Cherry Coke at Edmonton's and 3rd, 'cause Coke is IT!".
Nice story, and similar to the hacking in Watch_Dogs. There CtOS collects and processes images and you'll get alerts of pre-crime activity so you can go and intervene. Hack CtOS and you'll find a collection of stored surveillance videos from the 'Internet of things', including some from vending machine cameras.
We're lucky it's just a game and companies aren't collecting & collating smartphone, sensor, camera, browser data and attempting to profile you and your surroundings. We're lucky it's just a game that doesn't rely on 2-factor DRM, online authentication, social media integration and includes in-game advertising. Sir, you are being monetized.
Wait to they link in a NFC device reader
When sales are down and
you stand near the machine or just wander near and out pops a can of cococrud
Hum free vended cococrud so you pick it up and walk away
3 weeks later you find it charged to your CC
recorded video has you taking your cococrud so you get stuck paying for the can you took thinking it was free
Tough luck consumer
don't forget to wrap your wallet in tinfoil
Wow, the tin-foil hat brigade are really out in force on this one, aren't they?
To everybody going on about how they're going to vandalise the machines to prevent the camera from seeing them: why are you OK with the cameras on every cashpoint? They have far more personal data than your soft drink preference, but none of you seem to be panicking about the Link Network posting your current account balance to Facebook, or extorting you based on the locations that you withdrew cash at, or your companions when you withdrew it.
Is it because banks are all trustworthy, decent organisations that wouldn't dream of screwing over their customers for a few quid? Yeah, that must be it.