Nine privacy groups plan to withdraw from U.S. government-hosted negotiations to develop voluntary facial-recognition privacy standards because the groups feel the process would not lead to adequate privacy protections.
Industry representatives at the talks have been pushing to limit consumer control over the facial recognition data collected, the groups said in a letter to be released Tuesday.
"We are convinced that in many contexts, facial recognition should only occur when an individual has affirmatively decided to allow it to occur," wrote the groups, including the Center for Digital Democracy, the Electronic Frontier Foundation and Consumer Action. "Industry stakeholders were unable to agree on any concrete scenario where companies should employ facial recognition only with a consumer's permission."
The talks, hosted by the U.S. National Telecommunication and Information Administration, started in February 2014 and participants have invested about 40 hours of work in 11 meetings, said Alvaro Bedoya, executive director at the Center on Privacy and Technology at Georgetown Law, which is also withdrawing from the negotiations.
The nine groups withdrawing from the talks represent all the major privacy and consumer groups that were taking part.
The NTIA is disappointed that some participants have withdrawn from the talks, the agency said. "Up to this point, the process has made good progress as many stakeholders, including privacy advocates, have made substantial, constructive contributions to the group's work," an agency spokeswoman said by email.
Several other participants want to continue meeting to "tackle some of the thorniest privacy topics concerning facial recognition technology," she added. "The process is the strongest when all interested parties participate and are willing to engage on all issues."
At last Thursday's meeting, privacy organizations left early after the group failed to make progress on consumer consent issues. The problem is not with the NTIA process, but "in the resistance of industry associations to embrace privacy choices that leading companies like Microsoft and Google made a long time ago," Bedoya said by email.
In many cases, facial recognition vendors have been more careful with deploying the technology than negotiators at the NTIA meetings have advocated, Bedoya added.
"Due to state laws and just good business sense, most of the leading companies have refused to turn facial recognition on automatically," he said. "Instead, they turn it on only if customers choose to turn it on. Industry associations have staked out a position that is less protective of privacy than the companies they represent -- and far less protective of what consumers deserve."
If the NTIA process goes forward without privacy and consumer groups, that will raise questions about the product, Bedoya added. "If all consumer groups who have been active withdraw, I don't think it can be called a 'multistakeholder' process," he said. "It can be called an 'industry' stakeholder process."
Sign up for CIO Asia eNewsletters.