Good question, and one we have thought about quite a bit. We very much know that we’ll be involved in a cat and mouse game with facial recognition companies over time. Our objective is to protect users from facial recognition today and going forward. Even if next year, for instance, a facial recognition company can develop tech that works on protected images posted this year, if we are able to advance our protection to match advances in facial recognition next year the user will still be protected in real time - which is what really matters. So in short - it likely won’t matter if/when there are advances in facial recognition if we can keep up!
> Even if next year, for instance, a facial recognition company can develop tech that works on protected images posted this year, if we are able to advance our protection to match advances in facial recognition next year the user will still be protected in real time...
This isn't entirely clear to me. Are you saying something to the effect of, "While historical images would indeed be compromised, there is value in at least the current images not being compromised"?
The next HaveIBeenPwned is HaveIBeenBurned. May already exist for internal national security use cases.
I see what you’re asking and I share those concerns. This approach seems like it would only stop casual attempts, not determined large scale automated bulk collection, yet it is pitched as if it’s effective or could be improved to be effective. I would expect that its usage would be able to be detected in a photo even if it works, which would itself be meaningful information which could be tracked, like DNT in web browsers.
"Adversarial AI" doesn't really work against systems like Clearview that aren't using "AI" in the first place.