The controversial facial recognition platform PimEyes is once again facing scrutiny from privacy advocates. PimEyes first garnered headlines in June of 2020, when the company acknowledged that it had made its services available to law enforcement agencies.
In that regard, PimEyes is comparable to the equally controversial Clearview AI. However, there are several significant differences between the two companies. Most notably, Clearview does not market its services to the general public, and has instead tried to appeal to larger corporations and law enforcement agencies. PimEyes, on the other hand, makes its tech fully available to individual consumers, with no restrictions on who can or cannot use the platform.
It is that last detail that concerns privacy advocates, especially since PimEyes seems to be changing some of its policies and hiding information in an effort to avoid public scrutiny. For example, the company used to advertise the fact that people could conduct searches with anyone’s face. It has since shifted its stance to emphasize personal privacy, stating that users are only permitted to conduct searches with images of themselves.
The problem, according to privacy experts, is that the company has done nothing to ensure that those rules are followed. PimEyes does not track the names of people conducting searches, so anyone who does violate the terms of service will never be punished for doing so. As a result, stalkers can use the platform to find and identify images of strangers, while anyone can use it to expose private details about someone’s personal life.
With that in mind, PimEyes can easily be used for ends that are directly contrary to its stated purpose. The company even seems to be encouraging such behavior, since it markets a corporate version of its product that would be functionally useless if it is not being used to search for images of other people. PimEyes has similarly stated that it no longer sells to law enforcement, but continues to mention that it can be used to search for criminals on its blog.
That kind of doublespeak has prompted critics to question the company’s intentions. PimEyes does not attach names to search results, but users are usually able to connect a name to a face with only a few clicks if they follow a hit to the original website. The company does not store images or maintain its own database, but it claims to have analyzed more than 900 million images pulled from company and media websites and porn sites. PimEyes argues that its platform was built to help people track down revenge porn or instances of identity fraud, but that same information is just as readily available to people who would use it with ill intent.
“In the hands of random citizens, like you or me, it becomes a creepy stalking tool where you can identify anyone on the streets or in any public space,” said Privacy International legal officer Lucie Audibert.
According to PimEyes, images uploaded to its platform are deleted after two days, and are not used to train its facial recognition software, which is supposed to be about 90 percent accurate. The company is now under new ownership, but has tried to avoid disclosing any information about those owners, or about where the company is currently located.
Individual users can conduct 25 searches a day with a plan that starts at $29.99 a month. They can also ask to receive notifications whenever new images appear. The corporate plan, on the other hand, offers unlimited searches and 500 alerts for $299.99 a month.
May 10, 2021 – by Eric Weiss