Profile image
By Electronic Frontier Foundation (Reporter)
Contributor profile | More stories
Story Views

Last Hour:
Last 24 Hours:

Researchers Matched Images on Tattoo Websites to a German Police Database

Thursday, November 3, 2016 12:25
% of readers think this story is Fact. Add your two cents.

For the last year, EFF has been battling to free records from the National Institute of Standards and Technology (NIST) regarding an ethically dubious research program to promote the development of automated tattoo recognition technology. The agency is months delinquent in providing a variety of information, most notably the list of 19 research entities who received a giant set of tattoo images obtained from prisoners in custody. This delay is particularly alarming as NIST is currently recruiting institutional participants for the next stage of its expanded research, scheduled to begin on Dec. 1. 

What we’ve discovered so far about NIST’s approach to tattoo identification raises major concerns for privacy, free speech, the freedom to associate, and the rights of research subjects. We’ve also learned that similar tattoo recognition experiments are being conducted in Germany, a country that is usually sensitive to personal privacy.

One of our chief concerns is how automated tattoo recognition technology—algorithms that can match tattoos—can be used to identify and track people in a similar way to how facial recognition systems are being deployed by law enforcement entities. We foresee a future where this technology is used to scan tattoo images on the Internet as a form of surveillance.

A presentation recently released in response to our Freedom of Information Act request confirms that this is not only possible but that researchers in Germany have already used tattoo recognition technology in this way.

Although we still don’t have the full list of 19 organizations who participated in the FBI-sponsored Tattoo Recognition Technology Challenge (Tatt-C), we do know that the Fraunhofer Institute of Optronics, System Technologies and Image Exploitation, a German research body, was one of them.

As part of Tatt-C, NIST and the FBI provided research entities with more than 15,000 images “operationally collected” by law enforcement and asked researchers to run a series of trials using their proprietary tattoo-analysis algorithms. Fraunhofer reported that it was able to match two images of the same tattoo taken over a period of time with 96.8% accuracy.

But that wasn’t the only the tattoo research Fraunhofer has conducted. 

According to presentation delivered at a NIST event these researchers scraped images from at least two commercial tattoo websites and then used automated algorithms to match those tattoos to a much larger set of mages obtained from the German police.

The presentation shows that researchers grabbed 8,400 images from, an online resource for people looking for tattoo ideas, and another 848 images from, an online store for the body art community. Those images were then combined with 330,000 images from the Federal Criminal Police Office of Germany.

One particular slide showed researchers had not fully thought through the propriety of scraping private databases:

The researchers acknowledge that there may have been privacy issues with scraping commercial databases. They claim that the German police images “were not considered personal data, however…” But the “however” was never followed up with an answer in the slide deck.  A video of the various Tatt-C presentations that may have shown the follow-up has been removed from the NIST website. 

Fraunhofer’s position on police images reflects a troubling and contradictory assumption that was also adopted by NIST. On one hand, researchers claim that tattoos are not considered personally identifiable information. On the other, they argue that tattoos are a useful biometric for identifying people. As a hypothetical example in the presentation, Fraunhofer used a tattoo on a woman’s foot as a way to identify a missing person. 

This development illustrates why it’s in the public interest for NIST to release the list of 19 entities who participate in Tatt-C: the companies and research institutions involved may be engaged in activities that deserve greater scrutiny.

EFF’s research into NIST’s program revealed how the research had not gone through the proper ethical review until after the research had been completed. Our report also found that personally identifiable information had been inappropriately released and published, a fact admitted by NIST in response to our report. NIST subsequently redacted many of the tattoo images from the presentations it published on its website.

EFF raised First Amendment concerns, since the experiments, often using religious imagery, were designed to show how technology could use tattoos to establish associations between subjects. NIST also scrubbed claims in its documentation that tattoo recognition would be useful in identifying people’s religious and ritualistic beliefs.

As a public entity, NIST has a responsibility to be transparent and follow ethical guidelines. We call upon the U.S. Department of Commerce, which has jurisdiction over NIST, to release documents in response to our FOIA request immediately. German citizens may want to explore what precautions Fraunhofer and the German federal police are taking with their own tattoo experiments.

Share this: Share on Twitter Share on Facebook Share on Google+ Share on Diaspora Join EFF


We encourage you to Share our Reports, Analyses, Breaking News and Videos. Simply Click your Favorite Social Media Button and Share.

Report abuse


Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories



Top Global

Top Alternative




Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.