Fawkes: Protecting Personal Privacy against Unauthorized Deep Learning Models

02/19/2020
by   Shawn Shan, et al.
2

Today's proliferation of powerful facial recognition models poses a real threat to personal privacy. As Clearview.ai demonstrated, anyone can canvas the Internet for data, and train highly accurate facial recognition models of us without our knowledge. We need tools to protect ourselves from unauthorized facial recognition systems and their numerous potential misuses. Unfortunately, work in related areas are limited in practicality and effectiveness. In this paper, we propose Fawkes, a system that allow individuals to inoculate themselves against unauthorized facial recognition models. Fawkes achieves this by helping users adding imperceptible pixel-level changes (we call them "cloaks") to their own photos before publishing them online. When collected by a third-party "tracker" and used to train facial recognition models, these "cloaked" images produce functional models that consistently misidentify the user. We experimentally prove that Fawkes provides 95+ recognition regardless of how trackers train their models. Even when clean, uncloaked images are "leaked" to the tracker and used for training, Fawkes can still maintain a 80+ experiments against today's state-of-the-art facial recognition services and achieve 100 of countermeasures that try to detect or disrupt cloaks.

READ FULL TEXT

page 8

page 13

research
02/13/2022

Privacy protection based on mask template

Powerful recognition algorithms are widely used in the Internet or impor...
research
02/10/2022

Face Beneath the Ink: Synthetic Data and Tattoo Removal with Application to Face Recognition

Systems that analyse faces have seen significant improvements in recent ...
research
11/14/2021

Towards Privacy-Preserving Affect Recognition: A Two-Level Deep Learning Architecture

Automatically understanding and recognising human affective states using...
research
06/28/2021

Data Poisoning Won't Save You From Facial Recognition

Data poisoning has been proposed as a compelling defense against facial ...
research
10/20/2020

Preventing Personal Data Theft in Images with Adversarial ML

Facial recognition tools are becoming exceptionally accurate in identify...
research
04/23/2018

It is Free and Always Will Be - Trading Personal Information and Privacy for the Convenience of Online Services

Internet users today are constantly giving away their personal informati...
research
11/01/2018

The Natural Auditor: How To Tell If Someone Used Your Words To Train Their Model

To help enforce data-protection regulations such as GDPR and detect unau...

Please sign up or login with your details

Forgot password? Click here to reset