More about PimEyes' database and opt-out service

During the last five years PimEyes has established itself as a leading and the most efficient facial recognition platform that made professionally designed facial recognition services publicly available.

PimEyes has been standing for the idea of free internet and accessible technologies since the moment it has been created as a small startup. However, the technology itself is controversial and there are often questions rising about the ethical side of making facial recognition publicly accessible. More accessible the technology is, more are concerns about privacy and data materials that are proceed or stored by company.

PimEyes has elaborated a unique way to proceed data. Notwithstanding the fact that the company has the biggest database in Europe, it contains not a single photo. Instead of collecting photos and storing them, PimEyes, like any conventional online search engine performs a search based on unique index system. So called “faceprints” found on the internet are indexed only for search purpose. Indexation process is never linked to any specific person, but to the URL address where certain photos (set of indexes) are found. Accordingly, the database of PimEyes contains no personal information, but - indexes of publicly available websites that doesn’t require special permission to access. Therefore, while providing results, PimEyes downloads and displays images from the external web sites. This process is done as a secure on-the-fly process, commonly known as a proxy. Images are stored only temporarily and are deleted immediately after being displayed.

Notwithstanding the fact that such approach at some extend causes dissatisfaction of customers who want to keep their search history, or archive the search data, PimEyes considers this approach more safe and advisable, as far as if the database will be somehow breached and the information will leak in the internet, there is no possible way to reconstruct any photo, or establish identity of any person, based on the scrap materials inside a database. It is the unique AI that instrumentalizes the index system and makes searches possible. Such approach on the one hand has freed PimEyes from the burden of storing photo materials of customers and third persons, however it arises another question: How company verifies if the users proceed only their personal data? The short answer is that PimEyes does not verify the identity of its customers.

PimEyes just provides a tool, and the user is obliged to use the tool with responsibility. Everyone can buy a hammer, and everyone can either craft with this tool, or kill. It is impossible to check if certain individuals use every tool in their possession in accordance with the law and it is unwise to oblige toolmakers to ensure that their product will be used as they are intended to be used. If PimEyes starts to verify every user and compare it to the data searched by the user, this might turn the company into a monster that stores not only the personal, biometric data of each subscriber, but the materials that in the most of cases they would like to leave confidential. Therefore, it is crucially important for company to have opened communication policy, cooperate with media and various information platforms to encourage ethical usage of service and internet.

Same time, to reduce risks of services of Pimeyes being abused, the company has elaborated set of internal rules. Exactly, accounts with suspicious activities are being monitored and in case of concerns they are suspended. However, it is impossible to check what, or are the owners of the account looking for, but it is possible to know how many searches they perform daily.

PimEyes only stores the partial data of customers in case of PROtect service and that is caused not on behalf of company policy, but because of clumsiness and inefficiency of existing legislation. To perform successful takedown of explicit material of a certain person whose images have been linked to the various web sites, including the web sites working in the field of adult industry, the owner of the data must provide proof of their identity, contact information, address and even signature. That is the moment, where an individual risks to become identifiable for the groups that have already potentially violated their privacy rights. PimEyes stands for making existing regulations more flexible that would give individuals more opportunities to fight for their rights without putting themselves under additional risks. To reduce those risks, the company has urged all its subscribers to anonymize their identity documents, that are used to send takedown requests.

Another question that is ethically concerning PimEyes is the availability to control search results by the users. For that purpose, company has introduced opt-out and DMCA forms to public, which are openly available on the web site. However, as far as the company doesn’t store photo materials in the database, Opt-Out procedures are not as simple as users might expect. Below is presented a brief description how PimEyes opt out mechanism works.

• User uploads a face image, anonymized scan of ID, and email address and gives consent to perform a search

• PimEyes support verifies if the ID matches the photo and if the photo quality is good

• after verification of the request, a search is performed with the use of the uploaded image

• Every search result that has a high similarity level is automatically saved on the separate blocklist in the form of 1) URL address of the external image and 2) unique hash of the image (general hash algorithm, without facial features, only simple pixel image comparison), and is removed from our indexes

This will prevent in future from finding the same image and saving it again to our index. But, because of AI’s complex and not deterministic nature, opt-request could not find all matches. It’s advised to perform multiple opt-out requests with different photos.

If some image is still visible, it’s always possible to submit the special form to remove certain search result, customer needs ro press desired search result, then they should choose ”Exclude from public results” from menu and then “proceed with excluding image”. After entering email adress and reason why search results should not be avalilable, there is button - "submit request".

The biggest challenge PimEyes has faced is that the materials removed from our database might re-appear in the future as far as the material might appear on different URL address, or the image of the same person, with different index combination might be used for the search. In this case there still exists reduced but significant possibility that the search engine will pick up the image. Accordingly, the company advice users to repeat the opt out procedure again. However, to overcome this challenge PimEyes has already started essential technical procedures, what includes training of AI, simplification of the index system, enhancement of the block lists, identification of the mirrored URL addresses etc. The process requires multiple complex technical tasks to be performed and multiple testing, accordingly it will take some time before it is fully operational and implemented.

It is worth mentioning that even at this stage every user has possibility to control the search results and remove information related to them from company’s database and this can be done without subscribing to any of the paid services. The company believes that customers should pay for service, not for their rights.