How higher ed can prepare for facial recognition
- A culture of transparency is essential
- The institution needs best-fit technology and robust security
- Incremental implementation builds trust
Facial recognition technology presents a number of exciting opportunities for improving the higher ed experience. It promises a more personalized student experience, insights to improve curriculum planning and teaching based on facial expression data collected during classroom lectures, and more secure facilities access. But the notion of introducing campus-wide facial tracking raises a number of risks and concerns.
Safely and securely maintaining a dense facial recognition data library is easier said than done, same with operating and maintaining every piece of imaging equipment used to capture and register facial imagery. And if more and more systems begin to use facial recognition as a tool for secure access, how much of a person’s identity, data, and safety is compromised when a malefactor gets possession of this data? Nowadays, a person can reset a password, cancel a card and quickly receive a new account number, or activate a new ID card—but one can’t exactly change their face (excluding more drastic options).
It’s true that students are increasingly willing to offer schools more data in exchange for a richer student experience, but they also count on a certain level of trust and transparency regarding how their data is used, managed, and protected.
With facial recognition accuracy already above 97%, institutions can begin using applications with confidence in the technology. So, for part two of this two-part series, let’s run through a few cybersecurity and campus-culture concerns for facial recognition on campus, including steps and considerations to ensure a successful implementation.
4 steps to prepare for successful facial recognition implementation
1. Ask practical questions up front, and aim for transparency and safety
How many new cameras will an institution need to keep track of, and how easy or difficult will it be to compromise a system by tinkering with just the camera itself, in-person or by remote connection?
Will everyone clearly understand how to interact with—and what to expect from—the technology? What will the response be if the whole system or a single person’s identity is compromised, and what are the legal implications and responsibilities? How will one school’s security failure affect the culture at other institutions?
Will faculty and students feel like facial recognition represents an invasion of privacy? And are there GDPR regulations that need to be addressed?
Researching these questions with your stakeholders and giving them the opportunity to raise additional ones will help build a culture of transparency and trust which is important for a smooth implementation.
2. Get familiar with the equipment
To launch a successful facial recognition program, institutions need to have the right cameras for the job. Here are some tips to consider when selecting equipment:
- High-definition cameras with facial recognition sensors are needed to capture the face with high clarity. In a low-light setup, a camera also needs infrared sensors, like those used in the iPhone X, to capture the face clearly. Like all tech equipment, costs need to be weighed for purchasing, installing, and maintaining.
- Test models thoroughly before installing one. For example, the system should be able to differentiate live faces from static images. No one should be able to fool the system using face masks or photographs of other people. Furthermore, by testing the technology and proving the usefulness of the data being tracked, IT can start to build momentum for campus-wide investment and implementation.
- Even with the best equipment, errors can occur. So, a conflict resolution mechanism is recommended for when the system makes a mistake. When students are successfully identified for attendance tracking, they might receive a confirmation message on their mobile device. But in cases where the system rejects them, they should still be able to have their attendance recorded manually.
3. Cover your cybersecurity bases
On the whole, hackers attempting to fool the iPhone X’s Face ID technology have come up short. Expensive and expert-constructed masks are, so far, either not detailed enough or not alive enough. That said, most malefactors probably won’t try to produce expensive, high-quality masks in order to trick these systems. They may instead opt to trick users into looking at cameras that register their face to grant access (to information systems or secure facilities), or produce 3-d images using photographs taken from social media.
Guard against data breaches by testing and following best practices for security. Here are a few cybersecurity questions to ask when preparing to implement:
- Will the data be encrypted and separated from other identifying aspects of students?
- Who can see the data? Select IT personnel, advisors, faculty, and students themselves?
- What will administrators be able to do with the data?
Practical and empathetic data governance discussions about managing and protecting this data will help keep institutions on top of these concerns.
4. Prepare campus culture for facial recognition
It’s important to design an experience that doesn’t convey a culture of surveillance. This means institutions should aim to foster a culture of trust around facial tracking, limiting use of the technology to instances that students and faculty agree to, are well aware of, and benefit from.
- Students and faculty may want the ability to opt out, or to know what their data will or will not be used for—it’s an opportunity for institutions to take a look at the transparency and governance around student data.
- Administrators can also build trust through incremental implementation, rather than all students coming to class one day and finding cameras scanning their face every 60 seconds in every classroom and building.
Facial recognition systems can gather data that potentially leads to breakthroughs in student success modeling, as well as improved campus security. But implementation will not be a simple matter of plugging in some new cameras and flipping a switch or two.
Campuses will have to earn buy-in from students as well as faculty and administrators, by first proving the safety, functionality, and benefits—and by safely (and incrementally) implementing the technology. As with most new technologies, it’s important to start small and build awareness and momentum in order to stay ahead of security issues.
If implemented mindfully and securely, facial recognition is another way for institutions to provide a deeper, more personal experience for students, where all data measured and analyzed leads to improved student outcomes.
And in case you missed my previous blog on the benefits of facial recognition, you can find it here.
Check out our data security blogs for more writing on innovative ways colleges are building the foundations and processes that keep student and administrative data secure while enabling innovative and integrative operations.