![Sample our Law journals, sign in here to start your FREE access for 14 days]({"type":"image" , "src" : "/sda/5942/TOC-Subject-Sample-2021-Law.jpg"})
ABSTRACT
Street-level image platforms (SLIPs) employ indiscriminate forms of data collection that include potentially privacy invasive images. Both the scale and the indiscriminate nature of data collection means that significant privacy management requirements are needed. Legal risk management is currently operated through obfuscation techniques involving certain image objects. Current SLIP object obfuscation solutions are an indiscriminate and a blunt solution to a similarly indiscriminate data collection concern. A new contextual approach to obfuscation is required that goes beyond object obfuscation. Contextually-dependent identification would seek to identify the contexts, including captured objects, which can give rise to privacy concerns. It is technically more challenging for automated solutions as it requires an assessment of the contextual situation to understand privacy risk. Context-sensitive privacy detection, combined with context-sensitive privacy-by-design processes, potentially offer a risk management solution that better situates and addresses the concerns arising from SLIP data collections.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Notes
1 Finn Brunton and Helen Nissenbaum, Obfuscation: A User's Guide for Privacy and Protest (The MIT Press, 2015), 95. As noted below, while we draw on Bruton and Nissenbaum’s concept of obfuscation, we nevertheless use it in a different context. We consider obfuscation as a method for organisations to build privacy into data collection systems by design rather than as a form of deliberate resistance to surveillance and data collection, as described by Brunton and Nissenbaum. The use is justified because Bruton and Nissenbaum’s and our considerations have a power related context that is different in application to SLIPs.
2 For example, Apple, ‘Apple Look Around’ (Maps, 2023) <https://www.apple.com/au/maps/> 4 September 2023; Mapillary, ‘Make Better Maps’ (2023) <https://www.mapillary.com/> accessed 4 September 2023; KartaView, ‘Easy Mapping’ (2023) <https://kartaview.org/landing> accessed 4 September 2023; and Microsoft, ‘Bing Streetside’ (Streetside View, 2023) <https://www.microsoft.com/en-us/maps/bing-maps/streetside> accessed 4 September 2023.
3 Lauren Rakower, ‘Blurred line: Zooming in on Google Street View and the Global Right to Privacy’ (2011) 37 Brook. J. Int'l L 317.
4 Alternative methods include crowd-sourcing street imagery from voluntary user submissions, for example, as employed by street-level imagery app Mappilary.
5 Josh Blackman, ‘Omniveillance, Google, Privacy in Public, and the Right to Your Digital Identity: A Tort for Recording and Disseminating an Individual's Image Over the Internet’ (2009) 49 Santa Clara L. Rev. 313.
6 Roger Geissler, ‘Private Eyes Watching You: Google Street View and the Right to an Inviolate Personality’ (2012) 63 Hastings L. J. 897.
7 Sarah Elwood and Agnieszka Leszczynski, ‘Privacy, Reconsidered: New Representations, Data Practices, and the Geoweb’ (2011) 42 Geoforum 6, 10.
8 Jana McGowen, ‘Your Boring Life, Now Available Online: Analyzing Google Street View and the Right to Privacy’ (2010) 16 Tex. Wesleyan L. Rev. 477.
9 Brunton and Nissenbaum (n 1) 95.
10 Ibid 56.
11 Ibid 45.
12 Introduced first in the United States, Google has since expanded its product to cover all seven continents and over 100 countries and territories. See Rakower (n 3) 323.
13 Blackman (n 5).
14 The use of temporary bans was particularly prominent in Europe. For example, Greece, Lithuania, the Czech Republic and Austria all initiated regulatory action against Street View. See, for example, Helena Smith, ‘Google Street View Banned from Greece’ The Guardian (Athens) 13 May 2009) <https://www.theguardian.com/technology/2009/may/12/google-street-view-banned-greece> accessed 4 September 2023. See also Geissler (n 6) 899.
15 Ingrid Hoelzl and Rémi Marie, ‘Google Street View: Navigating the Operative Image’ (2014) 29 Vis. Stud. 261, 268.
16 Aggi Cantrill and Stephanie Bodoni, ‘Google Street View to Post First New Pictures of Germany in a Decade’ Bloomberg Technology (America, 26 July 2023) <https://www.bloomberg.com/news/articles/2023-07-25/google-street-view-to-post-first-new-german-pictures-in-a-decade> accessed 4 September 2023.
17 Lindsey Strachan, ‘Re-mapping Privacy Law: How the Google Maps Scandal Requires Tort Law Reform’ (2011) 17(4) Rich. J. L. & Tech 1.
18 Ira Rubinstein and Nathaniel Good, ‘Privacy by Design: A Counterfactual Analysis of Google and Facebook Privacy Incidents’ (2013) 28 Berkeley Tech. L. J. 1333, 1384.
19 The first round of Street View collections was undertaken without any prior notification to communities. This has subsequently changed and Google now publishes online details of Street View capture. See Google, ‘Discover When, Where, and How, We Collect 360 Imagery’ (2023) <https://www.google.com.au/streetview/how-it-works/> accessed 4 September 2023.
20 Claudia Cuador, ‘From Street Photography to Face Recognition: Distinguishing Between the Right to be Seen and the Right to be Recognized’ (2017) 41 Nova L. Rev. 237.
21 Neil Richards, ‘The Dangers of Surveillance’ (2013) 126 Har. L. Rev. 1934.
22 Google reported in May 2022 that it comprises over 220 billion individual images. See Lauren Forristal, ‘Google Maps’ Street View Celebrates 15 Years with Historical Imagery on Mobile, New Camera and More’ TechCrunch (America, 25 May 2002) <https://techcrunch.com/2022/05/24/google-maps-street-view-celebrates-15-years-with-historical-imagery-on-mobile-new-camera-and-more/> accessed 4 September 2023.
23 James Thornton, ‘Individual Privacy Rights with Respect to Services such as Google Street View’ (2010) 40 Computers & Society 70.
24 Geissler (n 6); Rubinstein (n 18) 1384. Rubinstein and others note that Google’s ex ante approach to potential harm was a deliberate strategy.
25 Hoelzl and Marie (n 15) 268. For example, the above-mentioned German resistance led Google to sign a binding memorandum of understanding with the German Data Protection Agency in which they agreed, inter alia, to blur faces and licence plates before publication and provide residents the ability to have their homes removed or blurred.
26 Siva Vaidhyanathan, The Googlization of Everything:(and Why We Should Worry) (University of California Press, 2012) 101.
27 Andrea Frome and others, ‘Large-scale Privacy Protection in Google Street View (IEEE 12th International Conference on Computer Vision, Kyoto, 29 September 2009) <https://ieeexplore.ieee.org/document/5459413> accessed 4 September 2023.
28 Ibid 2378.
29 Ibid 2380.
30 Ibid.
31 Darren Waters, ‘Google’s Street View Response’ BBC News UK (London 7 July 2008) <https://www.bbc.co.uk/blogs/technology/2008/07/googles_street_view_response.html> accessed 4 September 2023.
32 Alan Weedon, ‘Why Large Swathes of Countries are Censored on Google Maps’ ABC News (Australia 21 February 2019) <https://www.abc.net.au/news/2019-02-21/why-large-parts-of-earth-are-censored-by-google-maps/10826024> accessed 4 September 2019. See also Patrick Gallo and Houssain Kettani, ‘On Privacy Issues with Google Street View’ (2020) 65 S. D. L. Rev 608, 612.
33 Frome and others (n 27).
34 Kaiyu Yang and others, ‘A Study of Face Obfuscation in ImageNet’ (10 March 2021) Arxiv <doi:10.48550/arxiv.2103.06191> accessed 4 September 2023.
35 Geissler (n 6) 994 referring to the obfuscation of Colonel Sanders on KFC billboards throughout the UK.
36 Harriet Mallinson, ‘Google Maps Street View’s Big Photo Mistake Exposed – Can You Spot it?’ The Express (London 25 April 2020) <https://www.express.co.uk/travel/articles/1271378/google-maps-street-view-privacy-statue-face-blur-funny-photo> accessed 4 September 2023.
37 BBC News, ‘Google Street View Blurs Bullocks Face in Cambridge’ BBC Cambridgeshire (London 15 September 2016) <https://www.bbc.com/news/uk-england-cambridgeshire-37378007> accessed 4 September 2023.
38 Hoelzl (n 15) 263.
39 Mario Cacciottolo, ‘The Streisand Effect: When Censorship Backfires’ BBC News UK (London 15 June 2012) <https://www.bbc.com/news/uk-18458567> accessed 4 September 2023.
40 Sue Curry Jansen and Brian Martin, 'The Streisand Effect and Censorship Backfire' (2015) 9 Int. J. Commun. 656.
41 Ibid.
42 Mikael Thalen, ‘Google Maps Thrust into Fight Over Roe v. Wade in Wake of Protests at Brett Kavanaugh’s House’ Daily Dot (America May 11 2022) <https://www.dailydot.com/debug/google-maps-blurring-supreme-court-justice-home-protest> accessed 4 September 2023.
43 Mikael Thalen, ‘Google Maps Thrust into Fight Over Roe v Wade in Wake of Protests at Brett Kavanaugh’s House’ VisionViral.com (10 May 2022) <https://visionviral.com/google-maps-thrust-into-fight-over-roe-v-wade-in-wake-of-protests-at-brett-kavanaughs-house/> accessed 4 September 2023.
44 Teresa Scassa, ‘Geographic Information as Personal Information’ (2010) 10 OUCLJ 208.
45 Pia Grillo v Google Inc. (2014) QCCQ 9394 (Can.).
46 Ibid [11].
47 Ibid [56].
48 Ibid [57]. Note also that Google admitted obfuscation failure of the licence plate which could be classed as a false negative error. Thus, re-emphasising our point that there are crossovers between types of failure.
49 The court also rejected the argument that the plaintiff had tacitly waived her right to privacy because she was seated outside her home and thus visible from the street. See Ibid [49]–[51].
50 Helen Nissenbaum, ‘Contextual Integrity Up and Down the Data Food Chain’ (2019) 20 Theo Inq L 221.
51 Deirdre Mulligan and others, ‘Privacy is an Essentially Contested Concept: A Multi-Dimensional Analytic for Mapping Privacy’ (2016) 374 Philos. Trans. R. Soc. A 1.
52 Surveillance Devices Act 2007 (NSW), ‘Surveillance Devices Act 2007 No 64’ (Legislation) 16 May 2022 <https://legislation.nsw.gov.au/view/html/inforce/current/act-2007-064> accessed 1 February 2024; Invasion of Privacy Act 1971 (Qld), ‘Invasion of Privacy Act 1971’ (Legislation) 5 June 2017 <https://www.legislation.qld.gov.au/view/html/inforce/current/act-1971-050> accessed 1 February 2024; Listening and Surveillance Devices Act 1972 (SA), ‘Listening and Surveillance Devices Act 1972’ (Legislation) 4 September 2017 <https://www.legislation.sa.gov.au/__legislation/lz/c/a/listening%20and%20surveillance%20devices%20act%201972/2017.12.17/1972.112.auth.pdf> accessed 1 February 2024; Listening Devices Act 1991 (Tas), ‘Listening Devices Act 1991’ (Legislation) 5 October 2018 <https://www.legislation.tas.gov.au/view/html/inforce/current/act-1991-021> accessed 1 February 2024; Surveillance Devices Act 1999 (Vic),‘Surveillance Devices Act 1999’ (Legislation) 1 December 2021 <https://content.legislation.vic.gov.au/sites/default/files/2021-12/99-21aa042%20authorised.pdf> accessed 1 February 2024; Surveillance Devices Act 1998 (WA), ‘Surveillance Devices Act 1998’ (Legislation) 5 April 2023 <https://www.legislation.wa.gov.au/legislation/statutes.nsf/law_a1919.html> accessed 1 February 2024; Listening Devices Act 1992 (ACT), ‘Listening Devices Act 1992’ (Legislation) 11 February 2022 <https://www.legislation.act.gov.au/View/a/1992-57/current/html/1992-57.html> accessed 1 February 2024; Surveillance Devices Act 2007 (NT), ‘Surveillance Devices Act 2007’ (Legislation) 30 November 2018 <https://legislation.nt.gov.au/en/Legislation/SURVEILLANCE-DEVICES-ACT-2007> accessed 1 February 2024; Cal. Penal Code § 647(j)(1) ‘Codes: Codes Tree – Penal Code – PEN’ (Legislation) 1 January 2023 <https://leginfo.legislature.ca.gov/faces/codesTOCSelected.xhtml?tocCode=PEN&tocTitle=±Penal±Code±-±PEN> accessed 1 February 2024.
53 See, e.g., Boring v Google Inc., 362 Fed Appx 273, 38 Media L Rep 1306 (3d Cir Pa Jan 28, 2010) (‘Boring v Google’).
54 For a useful overview of the different causes of action available in New Zealand, Canada, the United Kingdom, and the United States, see Australian Law Reform Commission, Serious Invasions of Privacy in the Digital Era (ALRC Report No 123, June 2014), 22–23, Available at Australian Law Reform Commission, ‘Serious Invasions of Privacy in the Digital Era’ (Report) June 2014 <https://www.alrc.gov.au/wp-content/uploads/2019/08/final_report_123_whole_report.pdf> accessed 1 February 2024. In the UK, privacy interests have also been protect via extensions of the equitable action for breach of confidence.
55 A misuse of private information is recognised in the United Kingdom, while US jurists refer to publicity given to private life: Campbell v Mirror Group Newspapers Limited [2004] UKHL 22; American Law Institute, US Restatement of the Law Second, Torts (1977), § 652D. The New Zealand Court of Appeal confirmed the existence of a tort of wrongful disclosure of private information in its decision in Hosking v Runting [2004] NZCA 34; [2005] 1 NZLR 1.
56 Not all these causes of actions currently exist in the jurisdictions which do recognise privacy torts at common law (or statute).
57 American Law Institute (n 55), § 652B; William Prosser, ‘Privacy’ 48 CLR 383; C v Holland [2012] NZHC 2155; Jones v Tsige (2012) ONCA 32.
58 American Law Institute (n 55).
59 Ibid, § 652B; Jones v Tsige (2012) ONCA 32 (n 57) [17]; C v Holland [2012] NZHC 2155 (n 57) [94].
60 American Law Institute (n 55), § 652D. Note that the UK court have used the formulation ‘misuse of private information’, which may encompass a broader range of activities that disclosure, communication, or publication.
61 Ibid; C v Holland [2012] NZHC 2155 (n 57). The highly offensive test does not form part of the UK.
62 Paul Wragg, ‘Recognising a Privacy-Invasion Tort: The Conceptual Unity of Informational and Intrusion Claims’ (2019) 78 C.L.J. 409.
63 Prosser (n 57).
64 Milner v Manufacturer’s Life Insurance Co (c.o.b Manulife Financial) (2005) BCSC 1661; Brooker v Police [2007] NZSC 30.
65 Blackman (n 5) 313; Nancy D Zeronda, ‘Street Shootings: Covert Photography and Public Privacy’ 63 Vand. L. Rev. 1131, 1145; Stuart Hargreaves, ‘“Jones-Ing” for a Solution: Commercial Street Surveillance and Privacy Torts in Canada’ (2014) 3 Laws 388, 390.
66 Daily Times Democrat v Graham 276 Ala 380, 162 So 2d 474 (1964); Gill v Hearst Publ’g Co, 253 P.2d 441, 446 (Cal 1953).
67 Daily Times Democrat v. Graham (n 66). In the Daily Times case, the respondent was photographed at a county fair at a moment when the wind had blown her skirt into the air. The appellant subsequently published the photograph in a newspaper. Cf. McNamara v Freedom Newspapers, 802 S.W.2d 901, 903 (Tex Ct App 1991).
68 McNamara v. Freedom Newspapers (n 67).
69 Campbell v Mirror Group Newspapers Ltd (n 55).
70 Weller v Associated Newspapers Ltd [2016] 1 WLR 1541; Murray v Express Newspapers Plc and another [2008] EWCA Civ 446.
71 Nicole Moreham, ‘Unpacking the Reasonable Expectation of Privacy Test’ (2018) 134 L.Q.R. 651, 4.
72 Ibid 5.
73 Ibid 1, 8–11.
74 Strachan (n 17) 14.
75 Jones v Tsige (n 57).
76 Boring v Google (n 53) 279.
77 See, e.g., Australian Law Reform Commission (n 54); Campbell v Mirror Group Newspapers Ltd (n 55) [75].
78 Some jurisdictions have codified certain prohibitions on intrusion into seclusion, namely the surreptitious recording of images or conversations through surveillance devices is prohibited. See, e.g., Surveillance Devices Act 1999 (Vic),‘Surveillance Devices Act 1999’ (Legislation) 1 December 2021 <https://content.legislation.vic.gov.au/sites/default/files/2021-12/99-21aa042%20authorised.pdf> accessed 1 February 2024; Surveillance Devices Act 2007 (NSW), ‘Surveillance Devices Act 2007 No 64’ (Legislation) 16 May 2022 <https://legislation.nsw.gov.au/view/html/inforce/current/act-2007-064> accessed 1 February 2024; Listening and Surveillance Devices Act 1972 (SA), ‘Listening and Surveillance Devices Act 1972’ (Legislation) 4 September 2017 <https://www.legislation.sa.gov.au/__legislation/lz/c/a/listening%20and%20surveillance%20devices%20act%201972/2017.12.17/1972.112.auth.pdf> accessed 1 February 2024; Surveillance Devices Act 1998 (WA), ‘Surveillance Devices Act 1998’ (Legislation) 5 April 2023 <https://www.legislation.wa.gov.au/legislation/statutes.nsf/law_a1919.html> accessed 1 February 2024; Listening Devices Act 1991 (Tas), ‘Listening Devices Act 1991’ (Legislation) 5 October 2018 <https://www.legislation.tas.gov.au/view/html/inforce/current/act-1991-021> accessed 1 February 2024; Invasion of Privacy Act 1971 (Qld),, ‘Invasion of Privacy Act 1971’ (Legislation) 5 June 2017 <https://www.legislation.qld.gov.au/view/html/inforce/current/act-1971-050> accessed 1 February 2024.
79 Jamuna Kelley, ‘A Computer with a View: Progress, Privacy, and Google’ (2008) 74 Brook. L. Rev. 187, 214; Andrew McClurg, ‘Bringing Privacy Law Out of the Closet: A Tort Theory of Liability for Intrusions in Public Places’ 73 N. C. L. Rev. 989, 1068.
80 Strachan (n 17); Blackman (n 5); Andrew Lavoie, ‘The Online Zoom Lens: Why Internet Street-Level Mapping Technologies Demand Reconsideration of the Modern-Day Tort Notion of “Public Privacy”’ (2009) 43 Ga. L. Rev 575.
81 The rarity of claims is perhaps unsurprisingly, given would-be claimants find themselves in a paradoxical situation where seeking recourse for privacy invasion might have the opposite and undesirable effect of magnifying the facts or images they wish to keep private (a catch-22 which factored into the Borings’ unsuccessful claim): Boring v Google (n 53).
82 Jordan Segall, ‘Google Street View: Walking the Line of Privacy-Intrusion upon Seclusion and Publicity Given to Private Facts in the Digital Age’ (2010) 10 Pittsburgh Journal of Technology Law & Policy, 1, 14–19.
83 Hargreaves (n 65) 399; McGowen (n 8) 478.
84 Boring v Google (n 53).
85 Pia Grillo v Google (n 45).
86 See e.g., Pia Grillo v Google (n 45) [66].
87 Mathew Weaver, ‘Google Street View Cleared of Breaking Data Protection Act’ The Guardian (London 23 April 2009) <https://www.theguardian.com/technology/2009/apr/23/google-street-view-data-protection-cleared> accessed 4 September 2023. The article cites David Evans, senior data protection practice manager at the UK Information Commissioner’s Office (ICO) stating that the office took a ‘pragmatic and common-sense approach’ to obfuscation as a data protection issue in relation to Google Maps.
88 Colin Bennett and Charles Raab, The Governance of Privacy: Policy Instruments in Global Perspective (MIT Press, 2006); Lisa Austin, ‘Re-reading Westin’ (2019) 20 Theo Inq L 53; Stephen Margulis, ‘On the Status and Contribution of Westin’s and Altman’s Theories of Privacy’ (2003) 59 J. Soc. Issues 411.
89 Colin Bennett, ‘The European General Data Protection Regulation: An Instrument for the Globalization of Privacy Standards?’ (2018) Information Polity 239.
90 Moira Paterson and Maeve McDonagh, ‘Data Protection in an Era of Big Data: The Challenges Posed by Big Personal Data’ (2018) 44 Mon LR 1.
91 Fred Cate, ‘The Failure of Fair Information Practice Principles’ in Jane Winn (ed), Consumer Protection in the Age of the ‘Information Economy’ (Ashgate, 2006); Rubinstein and Good (n 18) 1343.
92 Joris van Hoboken, ‘From Collection to Use In Privacy Regulation? A Forward-Looking Comparison of European and US Frameworks for Personal Data Processing’ in Bart van der Sloot, D Broeders and E Schrijvers (eds), Exploring the Boundaries of Big Data (Amsterdam University Press, 2016).
93 Bert-Jaap Koops, ‘On Decision Transparency, or How to Enhance Data Protection After the Computational Turn’ in M. Hildebrandt and Katja De Vries (eds), Privacy, Due Process and the Computational Turn The Philosophy of Law Meets the Philosophy of Technology (Taylor and Francis, 2013).
94 Daniel Susser, ‘Notice After Notice-and-Consent: Why Privacy Disclosures Are Valuable Even If Consent Frameworks Aren't’ (2019) 9 J. Inf. Policy 37.
95 Paul Schwartz and Edward Janger, ‘Notification of Data Security Breaches’ (2007) 105 Mich. L. Rev 913.
96 Rubinstein and Good (n 18) 1347.
97 Bennett and Raab (n 88).
98 Geissler (n 6).
99 Orla Lynskey, ‘Grappling with “Data Power”: Normative Nudges from Data Protection and Privacy’ (2019) 20 Theo Inq L189, 191.
100 Paul Schwartz and Karl-Nikolaus Peifer, ‘Transatlantic Data Privacy Law’ (2017) 106 Geo.L.J. 115.
101 Mark Burdon, Digital Data Collection and Information Privacy Law (Cambridge University Press, 2020).
102 See discussion regarding the Pia Grillo decision, as an example.
103 Daniel Solove and Paul Schwartz, ‘The PII Problem: Privacy and a New Concept of Personally Identifiable Information’ (2011) 86 N.Y.U.L. Rev. 1814, 1816.
104 GDPR under Article 4(1) as [A]ny information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
105 s6(1) of the Privacy Act as [I]nformation or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not. See ‘Federal Register of Legislation – Privacy Act 1988’ (Legislation) 18 October 2023 <https://www.legislation.gov.au/C2004A03712/latest/text> accessed 1 February 2024.
106 Nadezhda Purtova, ‘The Law of Everything. Broad Concept of Personal Data and Future of EU Data Protection Law’ (2018) 10 L.I.T 40.
107 Mark Burdon and Paul Telford, ‘The Conceptual Basis of Personal Information in Australian Privacy Law’ (2010) 17 Murdoch Elaw Journal 1. For clarification of both approaches, see Sharon Booth and others, ‘What are ‘Personal Data’? A Study Conducted for the UK Information Commissioner’ (Final Report) (2004) <http://www.ico.gov.uk/upload/documents/library/corporate/research_and_reports/final_report_21_06_04.pdf> accessed 4 September 2023.
108 Also note the consent considerations as part of the Pia Grillo decision. See, for example, [40] and dissemination of imagery without consent.
109 Burdon and Telford (n 107).
110 Australian Law Reform Commission, For Your Information: Australian Privacy Law and Practice (ALRC Report No 108, August 2008) 309. Available at Australian Law Reform Commission, ‘For Your Information: Australian Privacy Law and Practice Act’ (Report) 12 August 2008 <https://www.alrc.gov.au/publication/for-your-information-australian-privacy-law-and-practice-alrc-report-108/> accessed 1 February 2024.
111 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) [2018] OJ L 119, Recital 51. Available at European Parliament and Council of the European Union, ‘Regulation – 2016/679 – EN – GDPR – EUR-Lex’ (Regulation) 4 May 2016 <https://eur-lex.europa.eu/eli/reg/2016/679/oj> accessed 1 February 2024.
112 Commissioner Initiated Investigation into Clearview AI, Inc. (Privacy) [2021] AICmr 54 (14 October 2021). (‘Clearview AI’). Available at Angelene Falk, ‘Commissioner initiated investigation into Clearview AI, Inc. (Privacy) [2021] AICmr 54 (14 October 2021)’ (Determination) 14 October 2021 <https://www.oaic.gov.au/__data/assets/pdf_file/0016/11284/Commissioner-initiated-investigation-into-Clearview-AI,-Inc.-Privacy-2021-AICmr-54-14-October-2021.pdf> accessed 1 February 2024.
113 Bonnie Devany, ‘Clearview AI's First Amendment: A Dangerous Reality?’ (2022) 101 Tex.L. Rev. 473.
114 Louise Matsakis, ‘Scraping the Web is a Powerful Tool. Clearview AI Abused It’ Wired (America, 25 January 2020) <https://www.wired.com/story/clearview-ai-scraping-web/> accessed 4 September 2023.
115 Clearview AI (n 112) [74].
116 Ibid [56].
117 Ibid [153].
118 Ibid [155].
119 Helen Nissenbaum, Privacy in Context: Technology, Policy, and the Integrity of Social Life (Stanford Law Books, 2010), 113.
120 See discussion above at III.A.
121 Licheng Jiao and others, ‘A Survey of Deep Learning-Based Object Detection’ (2019) 7 IEEE Access 128837.
122 Ibid.
123 Ibid.
124 Bharath Hariharan and others, ‘Simultaneous Detection and Segmentation’ in David Fleet and others (eds), Computer Vision – ECCV 2014 (Springer, 2014).
125 Muhammad Ahmed and others, ‘Survey and Performance Analysis of Deep Learning Based Object Detection in Challenging Environments’ (2021) 21 Sensors 5116.
126 Ross Girshick and others, ‘Rich Feature Hierarchies for Accurate Object Detection and Semantic Segmentation’ (2013) Arxiv <doi:10.48550/arxiv.1311.2524> accessed 4 September 2023.
127 Joseph Redmon and others, ‘You Only Look Once: Unified, Real-Time Object Detection’ (IEEE Conference on Computer Vision and Pattern Recognition (CVPR), Las Vegas, 27 June 2016).
128 Wei Liu and others; ‘SSD: Single Shot Multibox Detector’ (Computer Vision–ECCV 2016: 14th European Conference, Amsterdam, The Netherlands, 11 October 2016).
129 Girshick and others (n 126).
130 Shaoqing Ren and others, ‘Faster R-CNN: Towards Real-Time Object Detection with Region Proposal Networks’ (2017) 39 IEEE PAMI 1137.
131 Redmon and others (n 127).
132 Liu and others (n 128).
133 Xuan Wang and Zhigang Zhu, ‘Context Understanding in Computer Vision: A Survey’ (2023) 229 Computer Vision and Image Understanding 103646.
134 Ibid.
135 Navneet Dalal and Bill Triggs, ‘Histograms of Oriented Gradients for Human Detection’ (IEEE Computer Society Conference on Computer Vision and Pattern Recognition (CVPR'05), San Diego, 20 June 2005).
136 Zhengxia Zou and others, ‘Object Detection in 20 Years: A Survey’ (2023) 111 Proc. IEEE 257.
137 Nicolas Carion and others, ‘End-to-end Object Detection with Transformers’ (European Conference on Computer Vision, Switzerland, 2020).
138 Zou (n 136).
139 Ibid.
140 Santosh Divvala and others (2009, June). ‘An Empirical Study of Context in Object Detection’ (2009 IEEE Conference on Computer Vision and Pattern Recognition, Miami, 20 June 2009).
141 Mathias Lechner and others, ‘Neural Circuit Policies Enabling Auditable Autonomy’ (2020) 2 Nat. Mach. Intell. 642.
142 Divvala and others (n 140).
143 Yiping Gong and others, ‘Context-Aware Convolutional Neural Network for Object Detection in VHR Remote Sensing Imagery’ (2020) 58 IEEE Trans. Geosci. Remote Sens. 34.
144 Suyuan Liu and others, ‘HideSeeker: Uncover the Hidden Gems in Obfuscated Images’ (Proceedings of the 20th ACM Conference on Embedded Networked Sensor Systems, Boston, 6 November 2020).
145 Jimmy Tekli and others, ‘A Framework for Evaluating Image Obfuscation Under Deep Learning-assisted Privacy Attacks’ (2023) 82 Multimedia Tools and Applications 1 <doi:10.1007/s11042-023-14664-y>.
146 Ibid.
147 Ibid.
148 Ibid.
149 Richard McPherson and others, ‘Defeating Image Obfuscation with Deep Learning’ (1 September 2016) Arxiv <https://arxiv.org/abs/1609.00408> accessed 4 September 2023.
150 William Croft and others, ‘Obfuscation of Images via Differential Privacy: From Facial Images to General Images’ (2021) 14 Peer-to-Peer Netw. Appl. 1705.
151 Pierangela Samarati and Latanya Sweeney, ‘Protecting Privacy when Disclosing Information: k-Anonymity and its Enforcement through Generalization and Suppression’ (Technical Report) (March 1998) Semantic Scholar <https://www.semanticscholar.org/paper/Protecting-privacy-when-disclosing-information%3A-and-Samarati-Sweeney/7df12c498fecedac4ab6034d3a8032a6d1366ca6> accessed 4 September 2023.
152 Croft and others (n 150).
153 Yifan Wu and others, ‘Privacy-Protective-GAN for Privacy Preserving Face De-Identification’ (2019) 34 J. Comput. Sci. Technol. 47.
154 McPherson and others (n 149); Seong Joon Oh and others, ‘Faceless Person Recognition; Privacy Implications in Social Media’ (European Conference on Computer Vision, Netherlands, 11 October 2016).
155 Eman Hassan and others, ‘Cartooning for Enhanced Privacy in Lifelogging and Streaming Videos’ (IEEE Conference on Computer Vision and Pattern Recognition Workshops, Honolulu, 21 July 2017).
156 Karla Brkic and others, ‘I Know that Person: Generative Full Body and Face De-identification of People in Images’ (IEEE Conference on Computer Vision and Pattern Recognition Workshops, Honolulu, 21 July 2017).
157 Qianru Sun and others, ‘Natural and Effective Obfuscation by Head Inpainting’ (Proceedings of the IEEE Conference on Computer Vision and Pattern Recognition, Salt Lake City, 18 June 2018).
158 Jakob Geyer and others, ‘A2D2: Audi Autonomous Driving Dataset’ (14 April 2020) Arxiv <https://arxiv.org/abs/2004.063202004.06320> accessed 4 September 2023.
159 Tekli and others (n 145).
160 Ibid.
161 Peter Schaar, ‘Privacy by Design’ (2010) 3 Ident. Info. Soc. 267.
162 Ann Cavoukian, ‘Privacy by Design: The 7 Foundational Principles’ (August 2009) Ontario <https://www.ipc.on.ca/wp-content/uploads/resources/7foundationalprinciples.pdf> accessed 4 September 2023; Ann Cavoukian, Privacy by Design in Law, Policy and Practice (Canadian Electronic Library, 2011).
163 Alan Charles Raul and others, ‘Privacy by Design and Data Minimisation’ Global Data Review (8 April 2022) <https://globaldatareview.com/guide/the-guide-data-critical-asset/edition-1/article/privacy-design-and-data-minimisation> accessed 4 September 2023.
164 GDPR (n 111) art 25(1).
165 Lee Bygraves, ‘Data Protection by Design and Default: Deciphering the EU‘s Legislative Requirements’ (2017) 4 Oslo L. Rev. 105, 117; Bert-Jaap Koops and Ronald Leenes, ‘Privacy Regulation Cannot be Hardcoded. A Critical Comment on the ‘Privacy by Design’ Provision in Data-protection Law’ (2014) 28 I.R.L.C.T. 159.
166 GDPR (n 111) Recital 78.
167 Bygraves (n 165) 119.
168 Ibid.
169 Seda Gurses and others, ‘Engineering Privacy by Design’ (2011) 14 Computers, Privacy & Data Protection 25 <https://software.imdea.org/~carmela.troncoso/papers/Gurses-CPDP11.pdf> accessed 4 September 2023.
170 Koops and Leenes (n 165).
171 Gurses and others (n 169).
172 Rubinstein and Good (n 18) 1358 and the focus of ‘privacy engineering’ and ‘on what companies can do to build privacy protections into their own systems.’
173 Brunton and Nissenbaum (n 1) 50 stating ‘ … we can better understand acts of obfuscation within a context of unavoidable relationships between people and institutions with large informational and power asymmetries.’
174 Ibid 1 ‘Obfuscation is the deliberate addition of ambiguous, confusing, or misleading information to interfere with surveillance and data collection.’
175 Brunton and Nissenbaum (n 1) 95.
176 Ibid 95.