AI-generated imitations raise legitimate concerns, and Congress should consider narrowly-targeted and proportionate proposals to deal with them. Instead, some Senators have proposed the broad NO FAKES Act, which would create an expansive and confusing new intellectual property right with few real safeguard against abuse. Tell Congress to throw out the NO FAKES Act and start over.
The Senate Judiciary Committee is set to consider and vote on the Nurture Originals, Foster Art, and Keep Entertainment Safe Act (NO FAKES). Instead of targeting the real privacy harms posed by AI-generated replicas, this law would create another layer of internet censorship on top of the already existing legal and voluntary takedown systems. Congress should reject NO FAKES.
Tell Congress to Say No to NO FAKES
As currently written, NO FAKES proposes to tackle the problems of misleading AI-generated replicas by creating a broad property right in someone's look, voice, and general style. However, there are all kinds of First Amendment-protected expression that would be swept under the NO FAKES regime—think about parody, news, criticism.
NO FAKES also does a laughable job of protecting artists from use of their image in misleading ways. It doesn’t create a privacy right, but rather a property right that can easily be signed away—as major studios and record labels are almost certain to require in their contracts with artists. As a result, NO FAKES actually creates a new avenue for the exploitation of artists by companies instead of protection from misleading replicas.
The bill also makes it trivially easy for protected speech to be censored. It is a supercharged version of the already flawed copyright takedown regime. It would essentially require platforms to institute filters that don't just look for exact matches of copyrighted material, as current filters do, but anything that might be a digital replica. Even though the latest version of this bill adds some forms of redress for bad faith takedowns, those provisions lack the teeth required to deter a malicious actor.
NO FAKES targets speech, tools, and innovation instead of focusing on the real concern posed by these replicas: privacy. This bill was a bad idea when it was introduced, and got even worse when it was amended last year. Tell Congress to just say no to NO FAKES.
Just days after a damning WIRED report exposed that Meta had quietly embedded facial recognition technology (FRT) code into millions of phones, the tech giant has quietly acquiesced in demands to reverse course.
Last week, researchers identified code in Meta AI, a companion app for its line of smart glasses, that could convert images of faces into unique biometric signatures to identify strangers in public. EFF’s Threat Lab verified these findings through static analysis, and reminded consumers to think twice before buying or using Meta’s surveillance glasses.
Just as quietly as Meta embedded this code, the app’s June 5th app update appears to have quietly removed all those features and systems. Gone is the face-recognition technology, the code meant to trigger “Person recognized” alerts, and the machine learning models and databases designed to detect, digitize, and store the biometric signatures of people users engage with.
When WIRED broke the news last week, Meta’s executives immediately went on the defensive. Yet, their actions speak louder than their tweets: less than 48 hours after the public caught wind of their plans, Meta quietly launched an update to scrub nearly all traces of the FRT system from their app.
But this quiet deletion of code does not equal a permanent change of heart. Meta previously used face recognition, and stopped only after it faced the legal and financial consequences. Now the company has refused to answer WIRED’s inquiries on whether it plans to bring the NameTag system back in the future, or what they did with any data they may have already collected during internal testing.
There are billions of reasons not to turn Meta’s customers into a distributed surveillance machine. This whiplash behavior proves exactly why we cannot rely on the "good will" of Big Tech to protect our digital rights. We need robust, enforceable consumer privacy laws, complete with a private right of action that allows everyday people to sue companies that violate their biometric privacy.
While we won this round, Meta's FRT ambitions probably aren't going away. EFF will keep watching.
