Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

A complex picture of your personal life can now be pieced together using a variety of public data sources, and increasingly sophisticated data-mining techniques. But just how accurate is that picture?

Last week in Las Vegas, at the computer security conference Black Hat, Alessandro Acquisti, an associate professor of information technology and public policy at the Heinz College at Carnegie Mellon University, showed how a photograph of a person can be used to find his or her date of birth, social security number, and other information by using facial recognition technology to match the image to a profile on Facebook and other websites. Acquisti acknowledges the privacy implications of this work, but he warns that the biggest problem could be the inaccuracy of this and other data-mining techniques.  

Acquisti says that his current work is an attempt “to capture the future we are walking into.” In this future, he sees online information being used to prejudge a person on many levels—as a prospective date, borrower, employee, tenant, and so on. The Internet, he says, could become “a place where everyone knows your name”—a worldwide small town that won’t let you live anything down.

Beyond the obvious concerns about strangers knowing more than ever about you, Acquisti worries about what will happen when the technology makes mistakes. “We tend to make strong extrapolations about weak data,” says Acquisti. “It’s impossible to fight that, because it’s in our nature.”

A number of companies have already begun using social media to measure and track reputation. The Santa Barbara, California, company Social Intelligence, for example, performs social-media background screenings on prospective employees, promising to reveal negative information such as racist remarks or sexually explicit photos, or positive information such as signs of social media influence within a specific field. Other companies, such as Klout, track users’ level of social influence, allowing advertisers to offer special rewards to those with high scores.

But Acquisti’s research demonstrated the pitfalls of placing too much relevance on social networking data. His team took photos of volunteers and used an off-the-shelf face recognizer called PittPatt (recently acquired by Google) to find each volunteer’s Facebook profile—which often revealed that person’s real name and much more personal information. Using this information, the team could sometimes figure out part of a person’s social security number. They also created a prototype smart-phone app that pulls up personal information about a person after they are snapped with the device’s camera.

9 comments. Share your thoughts »

Credit: Technology Review

Tagged: Communications, Web, security, social networking, data, Black Hat

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me