McDonald's being sued in Illinois for collecting customer's biometric data at AI-powered drive-thru

Daily Mail - Science & tech

McDonald's is being sued for recording customers' biometric data at its new artificially intelligent-powered drive-thru windows without getting their consent. In court filings, Shannon Carpenter, a customer at a McDonald's in Lombard, Illinois, claims the system violates Illinois' Biometric Information Privacy Act, or BIPA, by not getting his approval before using voice-recognition technology to take his order. BIPA requires companies to inform customers their biometric information--including voiceprints, facial features, fingerprints and other unique physiological features--is being collected. Illinois is only one of a handful of states with biometric privacy laws, but they are considered the most stringent. A McDonald's customer in Chicago is suing the burger chain, claiming it records and stores users' voiceprints without their written consent, in violation of Illinois strict biometric privacy law In 2020, the fast-food chain began testing out using voice-recognition software in lieu of human servers at 10 locations in and around Chicago.

TikTok Has Started Collecting Your 'Faceprints' and 'Voiceprints.' Here's What It Could Do With Them

TIME - Tech

Recently, TikTok made a change to its U.S. privacy policy, allowing the company to "automatically" collect new types of biometric data, including what it describes as "faceprints" and "voiceprints." TikTok's unclear intent, the permanence of the biometric data and potential future uses for it have caused concern among experts who say users' security and privacy could be at risk. On June 2, TikTok updated the "Information we collect automatically" portion of its privacy policy to include a new section called "Image and Audio Information," giving itself permission to gather certain physical and behavioral characteristics from its users' content. The increasingly popular video sharing app may now collect biometric information such as "faceprints and voiceprints," but the update doesn't define these terms or what the company plans to do with the data. "Generally speaking, these policy changes are very concerning," Douglas Cuthbertson, a partner in Lieff Cabraser's Privacy & Cybersecurity practice group, tells TIME.

The EU's Artificial Intelligence Act: A Pragmatic Approach - Techonomy


The European Union has introduced a proposal to regulate the development of AI, with the goal of protecting the rights and well-being of its citizens. The Artificial Intelligence Act (AIA) is designed to address certain potentially risky, high-stakes use cases of AI, including biometric surveillance, bank lending, test scoring, criminal justice, and behavior manipulation techniques, among others. The goal of the AIA is to regulate the development of these applications of AI in a way that will foster increased trust in its adoption. Similar to the EU's General Data Protection Regulation (GDPR), the AIA law will apply to anyone selling or providing relevant services to EU citizens. GDPR spearheaded data privacy regulations across the United States and around the world.

The global AI agenda: Promise, reality, and a future of data sharing


"The global AI agenda: Promise, reality, and a future of data sharing" is an MIT Technology Review Insights report produced in partnership with Genesys and Philips. It was developed through a global survey conducted in January and February 2020 of over 1,000 executives across 11 different sectors and a series of interviews with experts having specific responsibility for or knowledge of AI. The article below is an extract of the full report. This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review's editorial staff.

Cybersecurity 101: Protect your privacy from hackers, spies, and the government


"I have nothing to hide" was once the standard response to surveillance programs utilizing cameras, border checks, and casual questioning by law enforcement. Privacy used to be considered a concept generally respected in many countries with a few changes to rules and regulations here and there often made only in the name of the common good. Things have changed, and not for the better. China's Great Firewall, the UK's Snooper's Charter, the US' mass surveillance and bulk data collection -- compliments of the National Security Agency (NSA) and Edward Snowden's whistleblowing -- Russia's insidious election meddling, and countless censorship and communication blackout schemes across the Middle East are all contributing to a global surveillance state in which privacy is a luxury of the few and not a right of the many. As surveillance becomes a common factor of our daily lives, privacy is in danger of no longer being considered an intrinsic right. Everything from our web browsing to mobile devices and the Internet of Things (IoT) products installed in our homes have the potential to erode our privacy and personal security, and you cannot depend on vendors or ever-changing surveillance rules to keep them intact. Having "nothing to hide" doesn't cut it anymore. We must all do whatever we can to safeguard our personal privacy. Taking the steps outlined below can not only give you some sanctuary from spreading surveillance tactics but also help keep you safe from cyberattackers, scam artists, and a new, emerging issue: misinformation. Data is a vague concept and can encompass such a wide range of information that it is worth briefly breaking down different collections before examining how each area is relevant to your privacy and security. A roundup of the best software and apps for Windows and Mac computers, as well as iOS and Android devices, to keep yourself safe from malware and viruses. Known as PII, this can include your name, physical home address, email address, telephone numbers, date of birth, marital status, Social Security numbers (US)/National Insurance numbers (UK), and other information relating to your medical status, family members, employment, and education. All this data, whether lost in different data breaches or stolen piecemeal through phishing campaigns, can provide attackers with enough information to conduct identity theft, take out loans using your name, and potentially compromise online accounts that rely on security questions being answered correctly. In the wrong hands, this information can also prove to be a gold mine for advertisers lacking a moral backbone.

Swarm Differential Privacy for Purpose Driven Data-Information-Knowledge-Wisdom Architecture Artificial Intelligence

Privacy protection has recently attracted the attention of both academics and industries. Society protects individual data privacy through complex legal frameworks. This has become a topic of interest with the increasing applications of data science and artificial intelligence that have created a higher demand to the ubiquitous application of the data. The privacy protection of the broad Data-InformationKnowledge-Wisdom (DIKW) landscape, the next generation of information organization, has not been in the limelight. Next, we will explore DIKW architecture through the applications of popular swarm intelligence and differential privacy. As differential privacy proved to be an effective data privacy approach, we will look at it from a DIKW domain perspective. Swarm Intelligence could effectively optimize and reduce the number of items in DIKW used in differential privacy, this way accelerating both the effectiveness and the efficiency of differential privacy for crossing multiple modals of conceptual DIKW. The proposed approach is proved through the application of personalized data that is based on the open-sourse IRIS dataset. This experiment demonstrates the efficiency of Swarm Intelligence in reducing computing complexity.

Digital Voodoo Dolls Artificial Intelligence

An institution, be it a body of government, commercial enterprise, or a service, cannot interact directly with a person. Instead, a model is created to represent us. We argue the existence of a new high-fidelity type of person model which we call a digital voodoo doll. We conceptualize it and compare its features with existing models of persons. Digital voodoo dolls are distinguished by existing completely beyond the influence and control of the person they represent. We discuss the ethical issues that such a lack of accountability creates and argue how these concerns can be mitigated.

Artificial Intelligence Update


These advances will create a network where almost every device can be simultaneously connected, enabling technologies not possible today. Governments and private entities are just beginning to invest in the technology, and projections suggest commercial availability around 2030. But given 6G's anticipated ubiquity and potential to change the landscape, we would be wise to begin learning about it now. Artificial intelligence ("AI") represents a new frontier in the global economy: Some estimates say it could contribute up to $15.7 trillion worldwide by 2030. Increases in computing power and innovations in computer science have fueled AI innovation.

100 critical IT policies every company needs, ready for download


Whether you're writing corporate policies for business workers or university policies for faculty and staff, crafting an effective IT policy can be a daunting and expensive task. You could spend hours writing a policies and procedures manual yourself, but consider how much your time is worth. According to job site Glassdoor, the average salary of an IT Director in the U.S. is over $140,000 (depending on geographic location, company, education, etc.). If it takes you one work day to write an IT policy, that single policy cost you $536 ($67 x 8 hours). Don't have time to write a business or university policy?

Supervised Feature Selection Techniques in Network Intrusion Detection: a Critical Review Artificial Intelligence

Machine Learning (ML) techniques are becoming an invaluable support for network intrusion detection, especially in revealing anomalous flows, which often hide cyber-threats. Typically, ML algorithms are exploited to classify/recognize data traffic on the basis of statistical features such as inter-arrival times, packets length distribution, mean number of flows, etc. Dealing with the vast diversity and number of features that typically characterize data traffic is a hard problem. This results in the following issues: i) the presence of so many features leads to lengthy training processes (particularly when features are highly correlated), while prediction accuracy does not proportionally improve; ii) some of the features may introduce bias during the classification process, particularly those that have scarce relation with the data traffic to be classified. To this end, by reducing the feature space and retaining only the most significant features, Feature Selection (FS) becomes a crucial pre-processing step in network management and, specifically, for the purposes of network intrusion detection. In this review paper, we complement other surveys in multiple ways: i) evaluating more recent datasets (updated w.r.t. obsolete KDD 99) by means of a designed-from-scratch Python-based procedure; ii) providing a synopsis of most credited FS approaches in the field of intrusion detection, including Multi-Objective Evolutionary techniques; iii) assessing various experimental analyses such as feature correlation, time complexity, and performance. Our comparisons offer useful guidelines to network/security managers who are considering the incorporation of ML concepts into network intrusion detection, where trade-offs between performance and resource consumption are crucial.