A Polish website called PimEyes uses facial recognition to search the internet for pictures of a person based on a single image.
That photo can be taken from a news site, social media, or an uploaded selfie, and the computer algorithm then shows matches on the web.
The free part of service shows photos it believes to be the same person, and rates the ‘match’ out of five stars.
It provides a generic name of the site where the picture is found (i.e. dailymail.co.uk), but does not provide a link or detailed information on the image’s context.
For that added insight, it offers a premium service for £9.79 a day where customers can see exactly where the photo comes from.
This fee also allows users to set up alerts, which notify them when an image matching the one they have uploaded is added to the internet.
That means if a person inputs a picture of a stranger to the site and sets up an alert for their face, the system will let the customer know when it finds this stranger in a picture posted to Twitter, for example.
An online security expert slammed the technology and said it poses a ‘very serious privacy implications’ for users.
Scroll down for video
A polish website called PimEyes uses facial recognition to search the internet for pictures of a person based on a single image. It is extremely effective at finding other images of famous people from a single image, such as Amanda Holden (pictured, PimEyes’s results)
Pictured, a photo of Amanda Holden taken today. This photo was fed into the PimEyes system and it was correctly matched to hundreds of other photos of the star
PimEyes premium allows people to set up to 25 alerts. These could be used for 25 photos of a single person, to increase success odds, or be photos of 25 people.
Dave Gershgorn reports for OneZero that the site also offers contracts to law-enforcement agencies.
He reports that the facial recognition software has the ability to scan ‘darknet websites’ as well as the surface web, and says that PimEyes is incorporated into the app of at least one company, called Paliscope.
Paliscope is targeted at law-enforcement agencies to allow them to use facial recognition on images and files, to help identify suspects in a case.
MailOnline tested the site to see how effective it was at finding non-famous people. A selfie taken at my desk today yielded no correct results (pictured)
When a Facebook profile picture was used and not a new selfie, the site found more pictures which are available online. However, it is worth noting that two of the results included the exact same image as the profile photo (top left). Pictured, PimEyes results
When this selfie, taken today and not available online until the publication of this article, the site found no results
Paliscope says it has partnered with 4theOne Foundation, an organisation which is dedicated to finding trafficked children.
PimEyes claims to allow people to protect their privacy and prevent the misuse of their images, but there are no safeguards in place to ensure a person uploads their own face.
There is nothing to prevent people uploading a photo of a stranger taken without permission and scouring the web for more details on their life.
The ability to seek out more images and information on a person from a single photo poses dangers to all manner of people.
PimEyes is not the first site to give the public access to facial recognition technology and search for a person’s face online.
Earlier this year, Russian search engine Yandex was accused of providing an unregulated facial recognition system and violating personal privacy.
Yandex, which claims to conduct more than 50 per cent of Russian searches on Android, allows users to input an image and see results of the exact same person.
Another Russian company, called NtechLab, launched FindFace in 2016. This functioned in a similar way to PimEyes and was extremely popular.
It was eventually shut down and the tech adapted for state surveillance. The company’s founders said at the time that they built the technology to help women find someone to date.
Brian Higgins, a security specialist at Comparitech.com told MailOnline the site poses ‘very serious and obvious privacy implications’.
‘I seriously doubt the developers are so naïve as to think it would only be used for its designated purpose,’ he adds.
‘Unfortunately, the internet is not governed by any blanket privacy protections. Every site or platform will ask users to accept its Terms and Conditions.
‘These are almost always many pages long and will include reference to “image ownership” which often allows the provider rights to storage and use of any images.
‘The FindFace T&Cs were a prime example of this, yet global uptake was swift and substantial.
‘Unfortunately, nobody reads the Terms and Conditions, thus allowing platforms like PimEyes to leverage new and developing technologies to provide potentially unethical products and services.
‘The only solution to the problem is for individual internet users to take their own privacy more seriously and take steps to protect themselves.’
When photos of both MailOnline health editor Stephen Mathews (left) and Cristiano Ronaldo (right) were fed into PimEyes, results were found for both. However, Ronaldo had hundreds of pages of results, while Mr Matthews received significantly fewer hits
Pictured, the results on PimEyes after the face of Cristiano Ronaldo is inserted into the software. The technology successfully found hundreds of pages of pictures online of the world famous footballer
Health editor at MailOnline, Stephen Matthews, used his Twitter profile picture and found the site was moderately successful. It correctly matched his face to more than ten results, however six of the results were the exact same photo (pictured)
The other results for Stephen Matthews (pictured) are variations of two individual photos — smiling after receiving a journalism award and a front-on picture used in another MailOnline article. It did not find any surprising or hidden pictures
MailOnline has approached PimEyes for comment but, at the time of publication, has not received a reply.
MailOnline reporters tested the site and found it had limited and temperamental success for a photo of a member of the general public.
When used on celebrities however, the site was, unsurprisingly, far more effective.
Images of Amanda Holden, Cristiano Ronaldo and Boris Johnson all yielded hundreds of correct matches, showing the effectiveness of the technology for a face that is regularly in the public domain.
It appears to be more effective on high-resolution images already online, as opposed to new selfies that have not been shared before.
I submitted a selfie taken at my home desk this morning, which had not been posted online in any capacity (until the publication of this article), into PimEyes.
It failed to find any photos of myself online from this selfie, despite there being a number on social media and on the MailOnline site.
However, when I used my Facebook profile picture it was more successful, finding six photos. It is worth noting that two of the results included the exact same image.
But it did successfully identify my face in four photographs which are online, from various sources.
This ability differentiates it from mainstream search engines such as Google, which do not use facial recognition in image searches.
Instead, Google’s technology looks for similar features such as attire and surroundings.
For example, if a white man with brown hair wearing a blue tie in front of a white background uses Google Image search on a selfie, it will provide images that match the description. It does not use data from a person’s face.
PimEyes however, pulled up images where I was wearing a variety of clothes in different lighting and surroundings, indicating it does indeed use facial recognition.
Both these images were inserted into PimEyes to see how its facial recognition technology worked, For British Prime Minister (left), it was extremely effective and produced hundreds of similar photos, For MailOnline health reporter Connor Boyd (right), it found only one photo, a holiday photo from five years ago
Boris Johnson yielded thousands of hits of different photos of him when his face was uploaded into PimEyes
MailOnline health reporter Connor Boyd also tested the PimEyes technology. After inputting a clear image, the software was able to correctly identify just one other image of Mr Boyd. This image — a five-year-old holiday photo — was surprising as it is a photo with very little prominence online or on social media
Health editor at MailOnline, Stephen Matthews, used his Twitter profile picture and found the site was moderately successful.
It correctly matched his face to more than ten results, however six of the results were the exact same photo on different domains.
The other results were variations of two individual photos — smiling after receiving a journalism award and a front-on picture used in another MailOnline article. It did not find any surprising or hidden pictures.
MailOnline health reporter Connor Boyd also tested the PimEyes technology.
After inputting a clear image, the software was able to correctly identify just one other image of Mr Boyd.
This image — a holiday photo from 2015 — was surprising as it is a photo with very little prominence online or on social media.
However, more readily available images of Mr Boyd were not identified by the software, despite his face appearing in past articles on MailOnline, one of the world’s most read websites. All other results were incorrect.
WHAT CAN USERS DO TO PROTECT THEMSELVES FROM FACIAL RECOGNITION MISUSE ONLINE?
Felix Rosbach, product manager at German software developing firm comforte AG says there is only so much an individual can do to protect themselves from this tech.
He told MailOnline: ‘As a private individual the only thing you can do to protect your data, is to make sure your social media profiles aren’t publicly available and by only sharing data with trusted parties.’
But Mr Rosbach adds that there is unfortunately very little users can do if peers post pictures of you publicly.
He calls on the search engines themselves to ensure members of the public are protected.
He said: ‘Search engines should make sure that these functionalities can’t be misused.
‘But with machine learning software becoming broadly available, there will always be a page or an app that is able to offer this service.
‘Companies instead should and can make sure that sensitive consumer data is protected all the time.
‘And it’s not only about securing the access to data – it’s also about strong data protection to make sure data is useless in case of a data loss, a misconfiguration or a data breach.’