NIST shared dataset of tattoos that’s been used to identify prisoners – Naked Security

In 2017, the Digital Frontier Basis (EFF) filed a Freedom of Info Act (FOIA) lawsuit seeking to pressure the FBI and the Nationwide Institute of Requirements and Expertise (NIST) to cough up information about Tatt-C (often known as the Tattoo Recognition Problem): a tattoo recognition program that includes creating an “open tattoo database” to make use of in coaching software program to robotically acknowledge tattoos.

For years, the EFF has been saying that creating algorithms that the FBI and legislation enforcement can use to establish related tattoos from photos – much like how automated facial recognition methods work – raises significant First Amendment questions. The considering goes like this: you may strip out names and different personally identifiable info (PII) from the tattoo photos, however the photos themselves typically include PII, reminiscent of once they depict family members’ faces, names, birthdates or anniversary dates, for instance.


As a part of the Tatt-C problem, taking part establishments obtained a CD-ROM stuffed with photos to check the third events’ tattoo recognition software program. That dataset has 15,000 photos, and most have been collected from prisoners, who haven’t any say in whether or not their biometrics are collected and who have been unaware of what these photos can be used for.

Since 2017, when the EFF used a FOIA lawsuit to get on the names of the taking part establishments, it’s been looking for out whether or not the entities notice that there’s been no moral evaluation of the picture assortment process, which is mostly required when conducting analysis with human topics.

On Tuesday, the EFF offered a scorecard with those institutions’ responses.

The outcomes: practically the entire entities that responded confirmed that they’d deleted the information. Nevertheless, 15 establishments didn’t trouble to reply, or stated “You possibly can depend us as a non-response to this inquiry”, to a letter despatched by the EFF in January.

In that letter, the EFF requested that the entities destroy the dataset; conduct an inner evaluation of all analysis generated utilizing the Tatt-C dataset; and evaluation their insurance policies for coaching biometric recognition algorithms utilizing photos or different biometric knowledge collected from people who neither consented to being photographed, nor to the pictures getting used to coach algorithms.

Almost all of the entities that responded confirmed that the information had been deleted. However at the least one college was nonetheless conducting analysis with the dataset 5 years later: the College of Campinas (UNICAMP) Faculty of Engineering Laptop Engineering in Brazil. The college despatched a letter saying that researchers are solely required to hunt ethics evaluation for human knowledge collected inside Brazil. Thus, its researcher would preserve engaged on the tattoo photos by means of the tip of yr after which would delete them.

UNICAMP additionally refused to acknowledge that the pictures contained private info, the EFF says. The group’s tackle the matter:

Tattoos are additionally extremely private and infrequently include particular info and identifiers that might be used to trace down an individual even when their face and identification have been obscured. For instance, despite the fact that the names of the inmates have been faraway from the Tatt-C metadata, the tattoos themselves generally contained private info, reminiscent of life-like depictions of family members, names, and start dates that every one stay viewable to researchers.

UNICAMP additionally stated that its researcher – Prof. Léo Pini Magalhãe – is including to the dataset by grabbing photos of tattoos from the online: a apply that the EFF famous has more and more come below hearth from Congress in mild of the Clearview AI face recognition scandal.