“Photo DNA” – How reliable is it?

PhotoDNANo one can doubt that sexual crimes against children are among the most horrific imaginable. And given the obsession that lawmakers have with sex crimes and the punishment of anyone associated in any way with them, it’s not surprising that the market has responded with the creation of new technologies designed to help catch the people involved in Internet child pornography. A Swedish company has been quietly amassing a huge database of over 400,000 images and videos of what purports to be child pornography. They don’t clarify how they define this or how they determine if the original photos are of real children or simply digital creations, but they have combined forces with Microsoft’s “Digital Crimes Against Children” group  (did you know that Microsoft had such a group?) and produced something they call “PhotoDNA”, designed to help law enforcement catch the bad guys creating, distributing and viewing this stuff.

The goals are laudable, but because this is a one-side effort (Microsoft makes this available to law enforcement only, and not to the defense), there is no way for an objective observer to determine the answer to many critical questions. Capitalizing on public perceptions that DNA is infallible and scientific, the name alone creates presumptions that cannot be tested by the defense. The technology purports to identify a photograph’s “digital fingerprint” based on a hash algorithm which can then be applied to other suspect images to see if the suspect image is derived from, or identical to, the original image. Here’s what Microsoft says about the process:

“PhotoDNA uses a mathematical technique known as robust hashing that works by calculating a unique signature into a ‘hash’ that represents the essence of a particular photo. In the same way that the characteristics of every person’s DNA are different, the signature or ‘hash value’ for every photo is different, enabling the creation of a hash that can identify an image based on its unique characteristics or its ‘digital DNA.’ Although a photo’s hash cannot be used to re-create an image or identify people or items within an image, it can be compared with hashes of other photos as a reliable way to match two different copies of the same image”.

Several important questions arise. Have scientific validation studies been performed that have produced a reliable error rate for this technology? Even a DNA scientist will tell you about error rates. It is impossible to judge the value of a given technology without knowing the error rate produced when that technology is used in the field. Second, the technology claims to identify an image as originating with another image based on the similar hash value, but how do we know that the original image is authentic? What if that original image was photoshopped to begin with? And since this whole thing is driven by Microsoft software, does anyone really believe that the software implementation of the hash algorithms are 100% bug free?

The problem is compounded by the fact that neither Microsoft nor NetClean makes any of this technology available to the defense, just to law enforcement. Why on earth would anyone interested in getting at the TRUTH want to withhold from the only community that is charged with keeping the government honest? It’s shameful when companies discriminate against the defense and demonstrate their indifference to the real, well-documented reality that innocent people ARE convicted of crimes they did not commit. That’s what real DNA has taught us. This faux DNA, that seeks to ride the coattails of real science, is a good start at helping eradicate a very real problem in our society, but it becomes dangerous when its advocates refuse to shine the harsh light of scientific scrutiny on it. What are they afraid of?

See the joint Microsoft-NetClean video on PhotoDNA  here.

– RP