back to article Download Fest goers were human guinea pigs in spy tech experiment, admit police

Leicestershire Police has revealed the facial recognition technology it rolled out at Download Festival had no policing utility. Instead it was an experimental assessment opportunity, paid for – and carried out for the sole benefit of – software vendor NEC Corporation. The roll-out of facial recognition technology at Download …

  1. Pen-y-gors Silver badge

    Plan of action

    1. Get friend in St Johns Ambulance or theatrical type to give you some really guesome facial 'injuries'

    2. Buy and wear 'Anonymous' mask

    3. Go to Festival

    4. Wait for them to ask you to remove your mask...

    1. Ian 62

      Re: Plan of action

      Its a 'festival'.

      2450 instances of a tiger were reported.

      120 clowns.

      5230 cats.

      In unrelated news, the face painting tent reported a 2000% increase in customers.

      1. Stevie Silver badge
        Coffee/keyboard

        Re: Plan of action

        Not just the keyboard, the screen too.

  2. Triggerfish

    Oh well

    That's alright then I mean as long as it was some private company using the festival goers as some sort of test, so they can then sell the software at taxpayers cost to the police we should all think its fine. FFS

    1. g e

      Re: Oh well

      If the conditions are on the back of the ticket then how you you consent prior to purchasing?

      1. Anonymous Coward
        Anonymous Coward

        Re: Oh well

        "If the conditions are on the back of the ticket then how you you consent prior to purchasing?"

        Same way as you do when you consent to the EULA in the box of a piece of shrink wrap software prior to purchasing (or agree prior to Downloading the software?), perhaps?

        It's BS either way, but not surprisingly there doesn't seem to be a legal precedent yet afaik.

        1. g e

          Re: Oh well

          Yeah, shrinkwrap licenses were exactly what it reminded me of

      2. ScottAS2

        Re: Oh well

        I imagine it was also buried in the terms and conditions - you know, that little blue link (to multiple pages of dense text) you have to tick a checkbox next to (but not actually read) before it'll let you buy things.

  3. David Glasgow

    Informed consent?

    The text the police refer to as being consent to be recorded for the purposes of their trial would to most appear to be consent to appear in videos and photographs taken as part of the festival itself.

    Most are happy with that. My daughter was delighted to see her elbow appear in crowd shot.

    To use this form of words is disingenuous and exploits an obvious red herring. I don't think this would stand up as properly informed consent.

    1. Daggerchild Silver badge

      Re: Informed consent?

      "The use of the cameras was made known to all individuals who attended the event. This information was clearly available to people purchasing tickets to the event and was in part reiterated on the rear of tickets."
      That isn't a choice... that's a warning you have no choice.

      So, what use is a facial recognition system without faces to look for? Was this external commerical system primed with private data perhaps? I assume this counts as a privately organised event, and thus the data collected on the premises falls under the Data Protection Act, which shouldn't collect data it doesn't need, like your face.

      Who am I kidding. Do now, rationalise/delete later. Someone want to invent an app for kickstarting a class action suit or something?

  4. Anonymous Coward
    Anonymous Coward

    Try taking a picture of a copper and you end up like Ian Tomlinson.

    1. Rich 11 Silver badge

      You'd certainly end up selling newspapers in one sense of the word.

  5. Iain Cognito

    They HATE it when you take their picture.

    One day the massively eroded trust between the plod and public will cost us all dearly.

    1. Adam 52 Silver badge

      There is a reason for that. You see there are some people who, for whatever reason, aren't very friendly towards constables and engage in activities ranging from smearing their cars in faeces to kidnapping their children. For that reason a lot of police don't want their photos on Facebook.

      Plus after the 7th drunk idiot asking for a photo it gets a bit tedious.

      Not excusing mass surveillance, but two wrongs don't make a right.

      1. This post has been deleted by its author

      2. Graham Marsden
        Joke

        @Adam 52

        So perhaps we should tell the Police "If you can't stand the crime, don't do the time"...?

        1. The First Dave

          Re: @Adam 52

          Indeed, my thoughts were that if this has no benefit to the Police, but they spent time setting it up / operating it, then surely NEC should be getting prosecuted for "Wasting Police Time" or whatever the actual charge is.

      3. Anonymous Coward
        Anonymous Coward

        "You agree that the event for which you purchase tickets is a public event, that your appearance and actions inside and outside the venue where the event occurs are public in nature, and that you have no expectation of privacy with regard to your actions or conduct at the event."

        When coppers are in a public place they should have no expectation of privacy.

        (Yup I'm ex-job)

  6. Lee D Silver badge

    There's never any comment on such system's effectiveness.

    I know that, from a perfect, prescribed professional image of myself, the passport "fast channels" at Stansted can't authenticate my face as my face when I put said control image in an electronic format into it's brain and then tell it that the guy in front of it is me. It honestly can't even do a "yes, that's you" check, on a known image that I hand to it that it can verify belongs to the passport, with any amount of pre-processing of the image it could ever want to do. Last time, literally after 3 minutes and 2 retries of standing stock perfectly still staring at the point I was supposed to, it still refused and then a human had to do it for it (which is probably quicker, cheaper AND more accurate). I wasn't the only one. The success rate was pretty abysmal when I was there and there was no clear pattern as to why. Literally, the queue that handled those who'd "failed" the automated test and needed human verificaiton was basically as long as the queues for the manual gates, and there was a spare woman running back and forth shuttling people between the two. Give her a desk, teach her to look at a passport, problem solved.

    So picking out random people from a crowd? Surely not a chance. The "77" detections of volunteers - how many volunteers, how long were they there, how many cameras did they walk past, how many times were they in shot and SHOULD have been detected? And how many of those were 5 or 6 detections in rapid succession and then nothing because they turned to the side slightly? Because I'm pretty sure that if I put some junky facial recognition software that I wrote fed from cameras at a festival for a whole day, I'd be able to successfully detect a known face more than 77 times with even the most useless of actual recognition code. Hell, I'd expect several hundred misdetections every 10 or 20 minutes or so for any reasonable number of cameras.

    I honestly can't fathom why people think this stuff works. The controlled circumstances necessary and the myriad changes that faces undergo just by moving around under a camera, mean that the false-positive rate must be incredibly high, or the detection incredibly unreliable.

    Hell, people are still receiving speeding tickets for other people's cars where the camera detects the plate incorrectly (the highly-specified, legally-required, highly-visible, regulated-font plate) and issues tickets that are then VERIFIED by a human and still has the wrong plate written on it.

    There's so much junk around "AI" and terrorist-detecting technology at the moment. Dammit, we can't even get the damn bank machines to read a computer-printed cheque properly yet.

    1. Anonymous Coward
      Anonymous Coward

      Without having any positivity for the Download system from NEC, how can your experiences with one system from one manufacturer that uses technology from many years ago imply that it is impossible to work.

      Facial recognition for access to smartphones for instance can work very well (albeit that they may not be 'secure') and there are facial unlock systems that are also pretty good.

      So I would say 1 manufacturer not being able to create a reliable systems != no other manufacturer or technology being able to do it.

      As for Car number plates, I would say that in the vast majority of cases it works well (unfortunately) probably detecting thousand of 'offenders' every day. If it didn't there's no way the tax disk would have been scrapped. If you get a chance to try out the Google translate app on a live image of a foreign sign you could be amazed at what text detection can do - I tried it today it was very spooky, people I showed it to thought it was a joke app.

      1. Lee D Silver badge

        OCR since the old days has been quite impressive in proper context. Given the increase in computing power available, it's not come on anywhere near as much as it was expected to. It's almost as if just doing more brute force with a simple algorithm isn't comparable to actual intelligent understanding of what you're looking at.

        This is my point. A multi-million pound project, the country's security reliant on it, can't do one simple thing with one source image anywhere near reliably. It's almost as if it doesn't matter how much money you throw at it, you can't just "brute-force" intelligent recognition of image features. The image CAPTCHA is still the top human-test used - because getting OCR to successfully recognise anything is much more difficult that it sounds.

        ANPR cameras advertise 90% recognition rates. I know, I've priced them up. That's with IR-cameras in the perfect frequency with filters for reflection for the plates, aimed at a static point that you have to pass at the perfect angle, with entire PC's of computer power behind them and HD cameras. 90%. ANPR on your local bobbies patrol car doesn't need to be any more effective to scare people into doing it because - well, how many tax discs were they checking before ANPR? It's a no-brainer to work out that even a bad ANPR system does a better job than checking a few dozens discs a day. And the real test is still the officer tapping in your details into a computer or asking the radio to double-check if they've pulled you over.

        It's not as simple as "let's throw more money/CPU at it". It's a difficult problem not solved by brute force. This is why we "train neural nets" to do this stuff. That's AI-theorists code for "God knows what we should be looking for, we've exhausted all the stuff we can reasonably specify in a 10GHz computer analysis and come up with nothing, let's see if random evolution can find a pattern that works". If anything the best example of AI and the area of computer vision is the Kinect, and that goes wrong and is a gaming toy.

        And face-unlocking a phone is a really bad example - how many other similar-looking people have you shoved in front of your phone and asked them to try to unlock it?

        I have friends who designed the computer vision code for ATM's and suchlike, including those machines in foreign countries where you can pay in cash to your account using the machine. Pretty much, it's a handful of heuristics in a really closed-off number of possibilities, with everything in it's favour (UV-reflecting parts, specified sizes, etc,) and still it can't get near a 99% recognition rate.

        The problem is not the manufacturer, the cost, the size, the project, the backers, or the method. It's that it's a ridonkulously difficult problem that's not solved by writing code to test possibilities or come up with statistical markers. We don't have systems capable of getting close. It takes the one of the world's most powerful machines to answer questions on a game show. Stick some random do-do in front of a dumb OED search engine and see how they do at the same task.

        It's an entirely different type of computing, requiring entirely different solutions that we do not have, and cannot describe, in order to solve. We can take stabs at it (and OCR, ANPR, Google Translate etc. currently are our best stabs at it - would you like to ask my Italian girlfriend how close Google Translate gets to anywhere near correct Italian, or how well the Italian voice recognition can understand her?) but we just don't have a method to solve it adequately yet.

        P.S. I wrote a ink-handwriting-recogniser in Visual Basic (I think it was 2.0 but I might be wrong) when I was a kid. It's not that difficult to get "okay" results. Palm were doing for years before I tried. Fact is, it's STILL not possible to just handwrite on a tablet, even with orders-of-magnitude advances in CPU, RAM, etc. Hell, even cloud computing nowadays. We can crack 256-bit keys for a pittance, but we still can't get the address right from a handwritten postcode more than 8 times out of 10.

        1. John Brown (no body) Silver badge

          "We can crack 256-bit keys for a pittance, but we still can't get the address right from a handwritten postcode more than 8 times out of 10."

          I do sometimes wonder if we are too enamored with "digital is good" and have forgotten everything we ever learned about analogue data processing and whether anyone is even looking at analogue computing these days. Facial recognition and handwritting/OCR seem ideal candidates for at least front end analogue pre-processing.

          Too many people look for shortcuts to make life easier, or only use the tools they know. How many devices do we have with "digital" volume controls which don't have fine enough discrete steps, especially down at the low end?

      2. John Brown (no body) Silver badge

        "Facial recognition for access to smartphones for instance can work very well "

        Well, for some low value of "very well". They use very few data points and are mainly designed to "see" the same face, not pick you out from many faces. Try saying " eh oh oo eh" to an Android phone and there's a good chance the voice recognition will pick that up as Hello Google" Same principle, but as you did say, it's not meant for security.

  7. scrubber

    What are you all worried about?

    "the facial recognition software does not take or store anyone's photograph"

    No harm no foul. If you can't trust security who can you trust?

    "TSA has not, will not and our Advanced Imaging Technology (AIT) cannot store images of passengers"

    See? It's all good.

    "Feds admit they stored body scanner images, despite TSA claim the images cannot be saved"

    Oh...

    1. Stevie Silver badge

      Re: What are you all worried about?

      Nonononono. Everything DOES get deleted from disc.

      It's just that diligent SAs ensure there is a good backup before anything gets erased.

      Hey Pesto! Both sides happy.

      What?

    2. Yet Another Anonymous coward Silver badge

      Re: What are you all worried about?

      "the facial recognition software does not take or store anyone's photograph"

      That in a way is even worse.

      You can never fly again because the computer says your face matches a terrorist.

      Unlikely since I am a 70 year old women with blue hair - can I see the photo?

      No there is no photo - but the 32bit hash of your face data matches one of the other 4Bn hashes in our database so you are a terrorist.

      1. Steve Davies 3 Silver badge
        Happy

        Re: What are you all worried about?

        The the Blue Rinse Grannies (BRG's) is something to worry about. With the increasing number of over 60's in the population in need of a political voice, the Grannies would be very useful as saboteurs and assasins. Thise Hat pins make lethal weapons you know.

    3. Trollslayer Silver badge
      Thumb Down

      Re: What are you all worried about?

      TSA requirement for the systems included the ability to record and transmit images.

  8. AbelSoul
    Big Brother

    Depressingly...

    I fear we will see a gradual but steady increase in this type of intrusive pish over the coming years.

    1. P. Lee Silver badge

      Re: Depressingly...

      >I fear we will see a gradual but steady increase in this type of intrusive pish over the coming years.

      I doubt it. I hope the organisers did well out of the last Download festival. This is bridge-burning at its very best.

      Someone's going to make a fortune taking a picture of a security guard's face and printing it on sweat-shirt hoods.

  9. cantankerous swineherd Silver badge

    the cops are going for a totalitarian state. more cuts required.

    1. Anonymous Coward
      Anonymous Coward

      Careful what you wish for, we could end up with Robocops.

      Robocops do not take a bribe.

  10. Rimpel

    Liars

    So the PR department lied about the system before the event and the police continued to lie about it afterwards and they wonder why we don't trust them.

  11. Anonymous Coward
    Anonymous Coward

    Buy a clue

    Do you think authorities would tell you if they netted some crims or are following them based on security surveillance from the event? If you do then you are a fool.

    1. Cynic_999 Silver badge

      Re: Buy a clue

      If the system had resulted in the detection of criminals, then of course the police would advertise that fact after making use of that information because the more the public believe the chance is of the police detecting criminals, the less likely a person is to commit a crime. Sure, initially they may keep the suspect under surveillance without telling anyone, but that would only be for the duration of the festival - the information has little value for crime detection purposes after that.

  12. Trollslayer Silver badge
    Thumb Down

    77 hits?

    With 80-90,000 attendance and three days with good pictures they only got 77 hits?

    No impressed.

    1. Graham Marsden

      Re: 77 hits?

      And how many False Positives did they get in that time...?

  13. John Smith 19 Gold badge
    Gimp

    so the police view seems to be

    If it's not made illegal for us to do it. We''ll do it.

    1. CP/M-80
      Black Helicopters

      Re: so the police view seems to be

      The Police are more about "order" than "law" these days it seems. Keep the population under control, rather than apply the law fairly an evenly.

    2. John Brown (no body) Silver badge

      Re: so the police view seems to be

      "If it's not made illegal for us to do it. We''ll do it."

      That is how UK law is supposed to work. Everything is allowed unless there a rules disallowing it.

      Other legal frameworks do the opposite. Everything is illegal unless there is a law allowing it.

  14. Anonymous Coward
    Anonymous Coward

    Some years ago

    My father phoned me up at work to ask "I've been asked to sue NEC, do you know who they are?"

    So I told him...I won't go into the case except to note that the client didn't have a strong one.

    But it looks to me like somebody should definitely be looking at NEC, this time round. To be precise, the Information Commissioner or, failing that given who is now Home Secretary, the Brussels equivalent thereof.

  15. Yugguy

    Omnicorp

    We're one step closer.

    Still, at least Robocop.

  16. Chris G Silver badge

    Looking forward to the day

    When GCHQ know everything about me ( if they don't already)and the cops have tracked me everywhere with facial recognition; I will have nothing left to hide so I will have nothing to fear.

    That's right, isn't it?

  17. Anonymous Coward
    Anonymous Coward

    Simple logic for a PC Plod brain

    If (convicted criminal)

    yes, you can store facial images, DNA and other information that might help solve a crime in future

    else

    don't store or transmit any information about that person

    endif

    It shouldn't take more than a couple on NAND gates to implement that and then we'd get plods that people could, maybe, learn to trust again.

  18. Hans 1 Silver badge

    >Protection of Freedoms Act 2012.

    Usually, plural means more than singular ... except for the word freedom.

  19. Tubz
    Big Brother

    Who is running the UK Police forces these days. OCP or Stalin, hell probably a mixture of both?

    1. Anonymous Coward
      Anonymous Coward

      ACPO Ltd

      "Who is running the UK Police forces these days. OCP or Stalin, hell probably a mixture of both?"

      In practice (rather than what the law proposes) that would be ACPO Ltd. ACPO = Association of Chief Police Officers. If there's dodginess going on, they know about it.

      Dissolved/replaced in 2015 by the National Police Chiefs Council. Same sh*t, different name?

  20. Anonymous Coward
    Anonymous Coward

    So if I understand this correctly

    Under the guise of "law enforcement" this was actually a test bed for a vendor looking to sell its kit to the police.

    So the following questions have to be asked:

    1, How much did NEC pay to either Leicestershire Plod or Download to do this?

    2. How many golf days did senior Leicestershire Plod staff have with NEC?

    As for the plainly false information provided in the press release I wonder when we will see the people responsible prosecuted for misconduct in public office?

    http://www.cps.gov.uk/legal/l_to_o/misconduct_in_public_office/

    Definition of the offence

    The elements of the offence are summarised in Attorney General's Reference No 3 of 2003 [2004] EWCA Crim 868. The offence is committed when:

    a public officer acting as such

    wilfully neglects to perform his duty and/or wilfully misconducts himself

    to such a degree as to amount to an abuse of the public's trust in the office holder

    without reasonable excuse or justification

    I wonder what the reasonable excuse/justification is?

  21. Peter Gathercole Silver badge
    Black Helicopters

    I'm surprised nobody else's commented on breadth of the T's&C's.

    Quotes from the T's&C's

    "...to us and the Event Provider(s) ..."

    "...actions inside and outside the venue..."

    "...regardless of whether before, during or after play or performance..."

    "...for any purpose ... any medium or context now known or hereafter developed"

    "...without further authorization..."

    OK. Reading this completely literally, this means that you've given the organisers and Police a blanket authorisation to record you for ever, and use that data for whatever they want, and this covers any image data that they already held before the event as well.

    Anybody else a little bit worried by this? I would hope that it is so broad that it could be challenged, but unless it is deemed unfair by a court, it could have long-reaching effects on the attendees future rights.

    1. John Brown (no body) Silver badge

      Re: I'm surprised nobody else's commented on breadth of the T's&C's.

      "Anybody else a little bit worried by this? I would hope that it is so broad that it could be challenged, but unless it is deemed unfair by a court, it could have long-reaching effects on the attendees future rights."

      I think it would require someone with money to bring a case of unfair contract to a court and, like most T&Cs, have it shown for what it is, an illegal data grab putting all the rights on one side of the contract to the detriment of the consumer.

  22. Bernard M. Orwell Silver badge

    CHA-CHing.

    Dat the sound of da police!

    (also, told you so.... Pilot Project).

  23. Down not across

    The strategy worked

    Leicestershire's chief constable, Simon Cole, stated that the force always works "closely with[the Download Festival organisers] to keep people and their property safe and the very low crime figures this year suggest that our joint crime reduction strategy worked."

    Well that depends. Theft from tents went done 90.5% but them from motor vehicles (& linked damage) went up 350%. Theft general also up 18%.

    (yes, aren't statistics lovely especially with percentages)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019