Bredemarket

Employ Security (6/7)

This is the sixth of seven vendor suggestions I made in my Biometric Update guest post.

“Employ comprehensive security measures. Ensure protection for the data on your systems, your customer systems, and the systems integrated with those systems. Employ third-party risk management (TPRM) to minimize the risk when biometric data is stored with cloud providers, application partners, and companies in the supply chain.”

If you don’t already know this, whenever you read a Bredemarket-authored article, always click the links. This includes the articles I write for others…such as Biometric Update. If you clicked a particular link at the end of my guest post, you found out which third party behaved badly with Customs and Border Protection (CBP) data:

“Facial images of travelers and license plate data have been stolen from a U.S. Customs and Border Protection (CBP) subcontractor….While the agency did not identify the subcontractor to the Post, it did provide a statement titled “CBP Perceptics Public Statement.”…Perceptics was hacked in May, and The Register reported thousands of files…were available on the dark web.”

As I concluded my guest post,

“Do not let this happen to your business.”

But here’s a positive example:

“ID.me will transfer your Biometric Information to our third party partners only when required by a subpoena, warrant, or other court ordered legal action.”

(Imagen 3)

Evading State Taxes: Non-Person Automotive Entities and Geolocation

When a person is born in the United States, they obtain identifiers such as a name and a Social Security Number.

When a non-person entity is “born,” it gets identifiers also. For automobiles, the two most common ones are a Vehicle Identification Number (VIN) and a license plate number. (There is also title, which I’ve discussed before, but that’s not really an identifier.)

In my country license plates and the associated vehicle registrations, like driver’s licenses, are issued at the state level. Montana, for example, has 2.3 million registered vehicles…which is odd, because the state only has 879,000 licensed drivers.

How can this be? Jalopnik explains:

“All that wealthy car owners have to do is spend around $1,000 to open an LLC in Montana, then use the LLC to purchase a car with no sales tax — and said car is not subject to vehicle inspections or emissions testing.”

That explains things. The Montana LLCs need multiple cars for all their LLC-related travel between Billings, Bozeman, and Butte. That’s a ton of miles on the Montana highways.

Um…no.

“According to Bloomberg, former Montana revenue director Dan Bucks said there are likely more than 600,000 vehicles registered in Montana but operated in other states.”

Like California. Where people don’t want to pay the fees associated with vehicle registration here, so they say their vehicles are Montana vehicles. Only problem is, license plate readers on California freeways can identify the movements of a car with Montana plates. And if that “Montana” car is moving in California, expect a visit from the tax authority.

But it’s not just the money hungry loony liberal Commies in California. Jalopnik reports that the money hungry loony liberal Commies in…um…Utah are mad also.

“This is really an abuse of our tax system,” said Utah tax commissioner John Valentine. “They pay nothing to support our state, just a small fee to Montana for the opportunity to evade taxes in Utah.”

Because in the end it doesn’t matter if you’re blue or red. What matters is the green. And the geolocation.

(2002 Ford Excursion image public domain)

Disclose Data Uses (5/7)

This is the fifth of seven vendor suggestions I made in my Biometric Update guest post.

“Disclose the specific uses for all biometric data you control and/or collect. The law often requires this anyway, but even if it isn’t, educate your customers and their users regarding why you collect what you do.”

As an example, Built In notes that Illinois’ Biometric Information Privacy Act (BIPA) has strict consent requirements, including the following:

“Informing the individual of the company’s purpose for collecting, storing, and using the biometric information.”

(Imagen 3)

What is Protected Health Information?

Many laws and regulations impact health information—not just the Health Information Portability and Accountability Act (HIPAA).

But what IS Protected Health Information?

Kirk Nahra and Daniel Solove shared this example in a webinar:

Is “I drink Diet Coke” health information?

Maybe it’s not health information at all.
Maybe it indicates healthy practices (no sugar).
Maybe it indicates unhealthy practices (artificial sweetener use).

The answer isn’t simple.

My First Substack-only Post

My First Substack-only Post

“I’m Subbing”: https://open.substack.com/pub/johnebredehoft/p/im-subbing

Who Tests Facial Recognition Algorithms?

(Part of the biometric product marketing expert series)

Are facial recognition algorithms accurate?

Who tests them?

The U.S. National Institute of Standards and Technology, or NIST.

Visit https://www.nist.gov/programs-projects/face-technology-evaluations-frtefate

NIST FRTE. Not FRVT any more.

Comply with Privacy Requirements (4/7)

This is the fourth of seven vendor suggestions I made in my Biometric Update guest post.

“Comply with all privacy laws and regulations. This should be a given, but sometimes vendors are lax in this area. If your firm violates the law, and you are caught, you will literally pay the price.”

Ask companies doing business in the GDPR region, Illinois, Texas, and elsewhere how hefty those fines could be. Meta alone has received billions of dollars of fines in Ireland (EU) and over a billion dollars in Texas.

(Imagen 3)

Video Analytics is Nothing New or Special

There is nothing new under the sun, despite the MIT Technology Review’s trumpeting of the “new way” to track people.

The underlying article is gated, but here is what the public summary says:

“Police and federal agencies have found a controversial new way to skirt the growing patchwork of laws that curb how they use facial recognition: an AI model that can track people based on attributes like body size, gender, hair color and style, clothing, and accessories.

“The tool, called Track and built by the video analytics company Veritone, is used by 400 customers….”

Video analytics is nothing new. Viewing a picture of a particular backpack was a critical investigative lead after the Boston Marathon bombing. Two years later, I was adapting Morpho’s video analytics tool (now IDEMIA’s Augmented Vision) to U.S. use.

And it’s important to note that this is not strictly an IDENTIFICATION tool. Just because a tool finds someone with a particular body size, gender, hair color and style, clothing, and accessories means nothing. Hundreds of people may share those same attributes.

But when you combine them with an INDIVIDUALIZATION tool such as facial recognition…only then can you uniquely identify someone. (Augmented Vision can do this.)

And if facial recognition itself is only useful as an investigative lead…then video analytics without facial recognition is also only useful as an investigative lead.

Yawn.

(Imagen 3)

How to Isolate Your Unfocused Company

(StealthCo picture from Imagen 3)

So what are you doing, Jane?

“I’m a Scrum Master. Very busy.”

Who are you working for?

“I can’t tell you. We’re in stealth mode.”

When will you emerge?

“When we are ready to blow the world away.”

Um, how do you know that you will blow the world away?

“Our leader says so. And she knows what she’s talking about. She attended Stanford.”

But is anyone checking your assumptions?

“Of course. All 23 employees…forget I said that number.”

But what about your prospects? What are they saying?

“We know they will love it!”

Did they say they will love it?

“We know they will!”

What if the prospects learn about your stealth product and decide it sucks? And all the years you’ve spent developing in isolation are in vain because of a lack of true customer focus?

“That won’t happen. Our leader knows what she’s talking about. She founded one successful company, and uses that experience to guide us remotely from Texas.”

Who is this leader?

“Elizabeth Holmes. Have you heard of her?”

Ending the Isolation

There are potentially valid reasons for entering stealth mode, including protecting trade secrets and keeping the competition away.

But…there is a risk if you also keep the prospects away from your stealth mode operations and fail to engage with them. Who knows—maybe your prospects might have some ideas of what they need, and that information might be good to know. Your unicorn rockstar fearless dear leader may not know EVERYTHING.

If you want to work out a strategy for getting prospects engaged, let me ask you a few questions. Book a free meeting at https://bredemarket.com/cpa/

Store the Minimum (3/7)

This is the third of seven vendor suggestions I made in my Biometric Update guest post.

“Store only the minimum necessary personal information. If you don’t need to keep certain data, don’t store it. I’m sure our decentralized identity friends will agree with this.”

Take one such company, Anonybit. Did you ever wonder how Anonybit got its name? Here’s what Anonybit does with biometric data after capture:

“Convert biometric into sharded, anonymized bits (“anonybits”)

“Distribute the “anonybits” throughout the multi-party cloud environment for storage, where they are kept and never retrieved or reassembled, even for matching”

(Imagen 3)