As service members in the Israeli military, Gil Perry, Sella Blondheim, and Eliran Kuta gained first-hand knowledge of privacy risks in the age of social media, online consumption, and an increasingly connected world. Due to the sensitive nature of their roles, including a decade as captain in the elite 8200 Intelligence unit for Kuta, they were barred from sharing personal photos on social media to avoid facial recognition technologies.
Recognizing the risks to privacy and security, the trio came together in 2017 to establish D-ID, an Israeli startup that works to protect digital images and videos from increasingly prevalent unauthorized automated facial recognition.
In an era where CCTV cameras are everywhere and 95 million photos are uploaded to Instagram every day, the marketing and retail industries have become one of the top users of facial recognition tech. Walgreens, for example, the second-largest pharmacy store in the US, rolled out a new technology suite that displays targeted ads on cooler doors, specific to the consumer standing in front of them in real-time.
Such technologies are also harnessed significantly by security and law enforcement agencies as well as governments for surveillance and other purposes. They use companies like the controversial New York firm Clearview AI which is known for scraping over three billion images and videos from social media giants such as Facebook, Twitter, YouTube, and Snapchat and is now facing legal action. (Clearview’s tech has also been used by clients such as Bank of America, Macy’s, and Walmart, according to legal filings, and announced it will no longer work with non-law enforcement and non-government clients.)
The market for this technology is also growing exponentially. According to a 2019 research report, the facial recognition industry is expected to grow from $3.2 billion in 2019 to $7.0 billion by 2024 in the US alone.
D-ID, short for De-Identification, uses advanced deep learning and image processing technologies to change certain elements of images and videos, removing key biometric data while preserving other important attributes. These changes are undetectable to the human eye, but render the images unrecognizable to facial recognition algorithms.
Perry, who serves as D-ID CEO, tells NoCamels via email, “We turned into a world of visualization. We are at times obsessive in taking pictures and selfies as we forget our photos contain biometric data. While pictures and videos are used with facial recognition, anyone can be tracked, hacked and even his identity can be stolen that’s why our photos and videos must be protected.”
Everyone has a smartphone these days, and people take and upload pictures on various channels “without really understanding the risks,” Perry told Forbes last year. He spoke of a “perfect storm” of increased facial recognition accuracy, “a market of photos and images everywhere, and the business storage of photos from customers, employees and visitors” at shops, border crossings, roads, and so on. “This amounts to a perfect storm. The realization is that privacy is gone. We have lost our basic human right to privacy,” he said.
The company lists four main threats to privacy posed by facial recognition: misuse by companies as use of the tech is not regulated or overseen; misuse by governments and law enforcement agencies; potential inaccuracy, paving the way for discrimination and incorrect identification; and the potential breach of facial recognition databases, which could put companies and people at risk.
But in 2017 when D-ID was founded, there wasn’t much general awareness of the risks of facial recognition, such as data privacy and misidentification, and the co-founders did not gain much traction with VCs at first.
Then, European General Data Protection and Regulation (GDPR) was launched in May 2018.
Leveraging data under GDPR compliance
“We see more and more cases of images and videos taken and used without consent those should be D-ID’d or anonymized,” Perry tells NoCamels. From biometric passports, to iPhone’s Face-ID, our faces are becoming our “passwords” more and more. Faces are considered particularly sensitive data because they can be used to directly link us to our identities and are much harder to change than passwords, for example.
For this reason, GDPR classifies facial images as sensitive personally identifiable information (PII), and protects it under its regulation. This regulation, however, exposes companies that use publicly taken videos or images for marketing or analytics to hefty fines if there was no explicit consent from those appearing in the images (which is usually the case).
Other solutions that protect against facial recognition software resort to blatant image distortion techniques such as blurring or pixelation. D-ID’s solution uncovers a middle ground by preserving the information that’s useful for marketing and analytics, such as age, race, and gender, but destroying the digital bridge that could be used to get from a person’s face to their identity.
In 2019, D-ID rolled out its Smart Anonymization tool, a proprietary anonymization algorithm that replaces facial features and other PII (like license plates) with computer-generated data. The software removes facial images without processing or profiling the subject, and replaces the images with AI-generated, photorealistic faces of nonexistent people, the company explained in the announcement.
The solution, says the company, “allows for analytics to be collected while respecting privacy laws and regulations.”
“Privacy regulations like GDPR were put in place to give people power over their personal data, not to prevent companies from reaping the rewards that analyzing big data can offer,” said Perry. “Our Smart Anonymization solution fulfills that vision by allowing privacy and visual data commercialization to co-exist.”
There has been some disagreement about whether or not D-ID’s solution does indeed provide GDPR compliance. For example, Gaëtan Goldberg, a data privacy lawyer with GDPR watchdog NOYB, explained that because race is a special category under GDPR, processing data that discerns race is illegal without explicit consent. However, a privacy lawyer that advises D-ID responded that “there never is a point where D-ID’s Smart Anonymization solution analyzes, reveals, or stores” this type of sensitive data.
In November 2019, the company signed a strategic partnership with Toppan, a Japanese global printing company that provides solutions in the fields of printing, communications, and security, that will deploy D-ID’s technology across Japan and Asia. The partnership is expected to exceed sales of $9 million over two years, enhance privacy protection for customers in verticals such as smart cities, tourism, human resources, healthcare, and finance, according to the announcement. Toppan also intends to use its new D-ID-based service to revitalize regional economies and develop new personal privacy protection services.
Today, D-ID tells NoCamels, “ Our target market is automotive industries, CCTVs retail, smart-cities, and media companies.”
A graduate of the Y Combinator accelerator based in Tel Aviv and of EISP 8200, the company has raised close to $20 million to date, including a $13.5 million Series A round last week led by AXA Venture Partners, with participation from Pitango Venture Capital, Y Combinator, AI Alliance, Hyundai Motor Company, OMRON Ventures, Maverick Ventures, Mindset Ventures and Redds Capital.
The investment was notable for its timing as the world grapples with a global health crisis.
“Raising this level of investor interest during a period of economic uncertainty speaks to the need our solutions fill,” said Blondheim, who serves as D-ID COO. “The convergence of increased surveillance and individual privacy protection places enterprises in a position where they must either anonymize their stored footage or risk violating privacy laws and face costly penalties.”
“Visual data is being used by an increasing number of companies and services. This includes facial images that contain sensitive biometric data,” said Manish Agarwal General Partner at AXA Venture Partners. “We have been impressed by the quality of the team at D-ID and they have created a product to safeguard that biometric data, which will go a long way in protecting these companies across the globe.”
The D-ID team and advisory team include deep learning developers leaders, global security and privacy experts to join our team and advisory board among them are Prof. Adi Shamir, a co-inventor of the Rivest–Shamir–Adleman (RSA) algorithm, and Dr. Ann Cavoukian, the creator and developer of the Privacy by Design concept, and the former Information & Privacy Commissioner for Ontario, Canada.
Rami Kalish, general managing partner and co-founder at Pitango Venture Capital said that protection against surveillance “is one of the most sought-after ideas of the 21st century.”