Amazon is being hit with a class-action suit alleging that the tech giant’s severs are storing biometric voice data from countless callers, in contravention of an Illinois privacy law. At the center of the suit is Amazon Connect—a suite of call-center software that Amazon Web Services began licensing out under since 2017. One of the companies Amazon partnered with in order to offer this call-center service, Pindrop Security, specialized in creating what are known as “voiceprints,” which can be used to identify and “authenticate” callers by the cadence of their voice. These specific vocal quirks—much like an iris scan, a finger print, or a facial scan—fall under the umbrella of “biometric data” under Illinois’s Biometric Information Privacy Act (BIPA.) There’s a chance that Amazon ran afoul of the state law by collecting that data without obtaining callers’ consent, storing it on AWS servers, and failing to publicly disclosing its data retention policies.

It then goes on to explain that Pindrop offers its “biometric data software” as a service, and then distributes that software (and the resulting data) to its customers for a hefty fee, all without any consent on the caller’s behalf. Because the three plaintiffs behind the suit are Illinois-based, they were able to point out that this sort of profiteering directly violates some of the core tenants of BIPA. “Pindrop does not tell Plaintiffs it is profiting from its harvesting of their biological information, nor does it obtain their consent. Even if it did obtain consent—though it did not—Pindrop’s practice of profiting from Plaintiffs’ biometric data is a BIPA violation,” the suit claims.

This isn’t the first time that BIPA’s been invoked against a major tech player. Last year, Apple was hit with a similar class action alleging the company unlawfully stored the countless voiceprints collected from people using Siri every day. Just a few months earlier, Google was hit with a similar class action suit over its Google Assistant feature. At the time, the company tried to dodge the claims by (incorrectly) alleging that the plaintiffs needed to prove real, tangible harm coming from this sort of voiceprint collection—something that’s notably not required under the Illinois Supreme Court.

…

Deepfakes rely on artificial neural networks, which are computer systems that recognize patterns in data. Developing a deepfake photo or video typically involves feeding hundreds or thousands of images into the artificial neural network, “training” it to identify and reconstruct patterns—usually faces.

How can you spot a deepfake?

The figure below illustrates some of the ways you can identify a deepfake from the real thing. To learn more about how to identify a deepfake, and to learn about the underlying technology used, check out our recent Spotlight on this technology.

…

filed https://blog.gao.gov/tag/staa/

RSS https://blog.gao.gov/tag/staa/feed/

The U.S. Postal Service wants to use its thousands of mail delivery vehicles that traverse the country every day to collect geospatial data it could provide to other agencies on an as-a-service basis. Lauren Lee, the Postal Service’s director of digital business services, said USPS is looking to leverage its vast mail delivery infrastructure for additional revenue streams. Geospatial address location data currently collected by its more than 220,000 mail vehicles is a significant part of that infrastructure, and a valuable resource that other agencies could use.“We know a lot about mapping,” Lee said in an Oct. 22 presentation hosted by the General Services Administration’s Technology Transformation Services. “We pick up data from the carriers as they’re traversing their routes in one-second breadcrumbs or geocode of locations. … Sometimes our carriers are in areas before mapping companies even know there are roads there.”

When fully developed, the service will join other USPS data-as-a-service offerings. USPS has been working with the FBI on a fingerprinting-as-a-service at over 100 post offices across the country, according to Heather Dyer, director of identity and access management at the USPS chief information security office.

The agency began that pilot in 2018. The program is aimed at identity verification for the public for background checks, visa applications and child adoptions. The USPS takes fingerprints at the post offices and passes them off to the FBI for processing. The service, said Dyer, has shortened a weeks-long process to hours, or even minutes.