A Polish website called PimEyes uses facial recognition to search the internet for pictures of a person based on a single image.
That photo can be taken from a news site, social media, or an uploaded selfie, and the computer algorithm then shows matches on the web.
The free part of service shows photos it believes to be the same person, and rates the ‘match’ out of five stars.
It provides a generic name of the site where the picture is found (i.e. dailymail.co.uk), but does not provide a link or detailed information on the image’s context.
For that added insight, it offers a premium service for £9.79 a day where customers can see exactly where the photo comes from.
This fee also allows users to set up alerts, which notify them when an image matching the one they have uploaded is added to the internet.
That means if a person inputs a picture of a stranger to the site and sets up an alert for their face, the system will let the customer know when it finds this stranger in a picture posted to Twitter, for example.
An online security expert slammed the technology and said it poses a ‘very serious privacy implications’ for users.
MailOnline tested the software on pictures of reporters and celebrities with mixed results.
Scroll down for video
This photograph of Amanda Holden was taken today. It was inputted into the PimEyes system and the facial recognition revealed thousands of different images of the star
Pictured, the results from PimEyes when Amanda Holden’s face was inputted into the software. The Polish company was extremely effective at finding other images of the Britain’s Got Talent judge
PimEyes premium allows people to set up to 25 alerts. These could be used for 25 photos of a single person, to increase success odds, or be photos of 25 people.
Dave Gershgorn reports for OneZero that the site also offers contracts to law-enforcement agencies.
He reports that the facial recognition software has the ability to scan ‘darknet websites’ as well as the surface web, and says that PimEyes is incorporated into the app of at least one company, called Paliscope.
Paliscope is targeted at law-enforcement agencies to allow them to use facial recognition on images and files, to help identify suspects in a case.
Paliscope says it has partnered with 4theOne Foundation, an organisation which is dedicated to finding trafficked children.
PimEyes claims to allow people to protect their privacy and prevent the misuse of their images, but there are no safeguards in place to ensure a person uploads their own face.
There is nothing to prevent people uploading a photo of a stranger taken without permission and scouring the web for more details on their life.
The ability to seek out more images and information on a person from a single photo poses dangers to all manner of people.
PimEyes is not the first site to give the public access to facial recognition technology and search for a person’s face online.
Earlier this year, Russian search engine Yandex was accused of providing an unregulated facial recognition system and violating personal privacy.
Yandex, which claims to conduct more than 50 per cent of Russian searches on Android, allows users to input an image and see results of the exact same person.
Another Russian company, called NtechLab, launched FindFace in 2016. This functioned in a similar way to PimEyes and was extremely popular.
It was eventually shut down and the tech adapted for state surveillance. The company’s founders said at the time that they built the technology to help women find someone to date.
MailOnline reporters tested the site and found it had limited and temperamental success for a photo of a member of the general public. Pictured, two images that were uploaded. The selfie on the left was taken this morning and yielded no matches. The image on the right, from Facebook, did create matches
MailOnline tested the site to see how effective it was at finding non-famous people. When a selfie taken at my desk today was put into the system, it found no correct matches (pictured)
When a Facebook profile picture was used and not a new selfie, the site found more pictures which are available online (pictured, the results). However, it is worth noting that two of the results included the exact same image as the profile photo (top left)
Brian Higgins, a security specialist at Comparitech.com told MailOnline the site poses ‘very serious and obvious privacy implications’.
‘I seriously doubt the developers are so naïve as to think it would only be used for its designated purpose,’ he adds.
‘Unfortunately, the internet is not governed by any blanket privacy protections. Every site or platform will ask users to accept its Terms and Conditions.
‘These are almost always many pages long and will include reference to “image ownership” which often allows the provider rights to storage and use of any images.
When the Twitter display photo of MailOnline health editor Stephen Mathews (pictured) was fed into PimEyes, it found correct matches
‘The FindFace T&Cs were a prime example of this, yet global uptake was swift and substantial.
‘Unfortunately, nobody reads the Terms and Conditions, thus allowing platforms like PimEyes to leverage new and developing technologies to provide potentially unethical products and services.
‘The only solution to the problem is for individual internet users to take their own privacy more seriously and take steps to protect themselves.’
Pictured, the first page of PimEyes results when health editor at MailOnline, Stephen Matthews, used his Twitter profile picture. It correctly matched his face to more than ten results, however six of the results included the exact same photo (pictured)
Pictured, more results for Stephen Matthews (pictured). These matches are the correct person but they are all variations of two individual photos — smiling after receiving a journalism award and a front-on picture used in another MailOnline article. It did not find any surprising or hidden pictures
MailOnline has approached PimEyes for comment but, at the time of publication, has not received a reply.
MailOnline reporters tested the site and found it had limited and temperamental success for a photo of a member of the general public.
When used on celebrities however, the site was, unsurprisingly, far more effective.
Images of Amanda Holden, Piers Morgan and Boris Johnson all yielded hundreds of correct matches, showing the effectiveness of the technology for a face that is regularly in the public domain.
This photo, posted by Piers Morgan on his Instagram account today, was put into the PimEyes system
It appears to be more effective on high-resolution images already online, as opposed to new selfies that have not been shared before.
I submitted a selfie taken at my home desk this morning, which had not been posted online in any capacity (until the publication of this article), into PimEyes.
It failed to find any photos of myself online from this selfie, despite there being a number on social media and on the MailOnline site.
The photograph of Piers Morgan holding up a sausage roll yielded several different results of the journalist and TV personality from elsewhere on the internet (pictured)
However, when I used my Facebook profile picture it was more successful, finding six photos. It is worth noting that two of the results included the exact same image.
But it did successfully identify my face in four photographs which are online, from various sources.
This ability differentiates it from mainstream search engines such as Google, which do not use facial recognition in image searches.
Pictured, British Prime Minister Boris Johnson. this photo was put into PimEyes and revealed thousands of matches
Instead, Google’s technology looks for similar features such as attire and surroundings.
For example, if a white man with brown hair wearing a blue tie in front of a white background uses Google Image search on a selfie, it will provide images that match the description. It does not use data from a person’s face.
PimEyes however, pulled up images where I was wearing a variety of clothes in different lighting and surroundings, indicating it does indeed use facial recognition.
Boris Johnson yielded thousands of hits of different photos of him when his face was uploaded into PimEyes when MailOnline tested his photo
Health editor at MailOnline, Stephen Matthews, used his Twitter profile picture and found the site was moderately successful.
Pictured, the image of MailOnline health reporter Connor Boyd which was inputted into the PimEyes system
It correctly matched his face to more than ten results, however six of the results were the exact same photo on different domains.
The other results were variations of two individual photos — smiling after receiving a journalism award and a front-on picture used in another MailOnline article. It did not find any surprising or hidden pictures.
MailOnline health reporter Connor Boyd also tested the PimEyes technology.
After inputting a clear image, the software was able to correctly identify just one other image of Mr Boyd.
This image — a holiday photo from 2015 — was surprising as it is a photo with very little prominence online or on social media.
However, more readily available images of Mr Boyd were not identified by the software, despite his face appearing in past articles on MailOnline, one of the world’s most read websites. All other results were incorrect.
MailOnline health reporter Connor Boyd also tested the PimEyes technology. After inputting a clear image, the software was able to correctly identify just one other image of Mr Boyd. This image — a five-year-old holiday photo (top left) — was surprising as it is a photo with very little prominence online or on social media
WHAT CAN USERS DO TO PROTECT THEMSELVES FROM FACIAL RECOGNITION MISUSE ONLINE?
Felix Rosbach, product manager at German software developing firm comforte AG says there is only so much an individual can do to protect themselves from this tech.
He told MailOnline: ‘As a private individual the only thing you can do to protect your data, is to make sure your social media profiles aren’t publicly available and by only sharing data with trusted parties.’
But Mr Rosbach adds that there is unfortunately very little users can do if peers post pictures of you publicly.
He calls on the search engines themselves to ensure members of the public are protected.
He said: ‘Search engines should make sure that these functionalities can’t be misused.
‘But with machine learning software becoming broadly available, there will always be a page or an app that is able to offer this service.
‘Companies instead should and can make sure that sensitive consumer data is protected all the time.
‘And it’s not only about securing the access to data – it’s also about strong data protection to make sure data is useless in case of a data loss, a misconfiguration or a data breach.’