Description: Facial-recognition locks by Hive Box, an express delivery locker company in China, were easily opened by a group of fourth-graders in a science-club demo using only a printed photo of the intended recipient’s face, leaving contents vulnerable to theft.
Entities
View all entitiesAlleged: Hive Box developed and deployed an AI system, which harmed Hive Box customers.
Risk Subdomain
A further 23 subdomains create an accessible and understandable classification of hazards and harms associated with AI
2.2. AI system security vulnerabilities and attacks
Risk Domain
The Domain Taxonomy of AI Risks classifies risks into seven AI risk domains: (1) Discrimination & toxicity, (2) Privacy & security, (3) Misinformation, (4) Malicious actors & misuse, (5) Human-computer interaction, (6) Socioeconomic & environmental harms, and (7) AI system safety, failures & limitations.
- Privacy & Security
Entity
Which, if any, entity is presented as the main cause of the risk
Human
Timing
The stage in the AI lifecycle at which the risk is presented as occurring
Post-deployment
Intent
Whether the risk is presented as occurring as an expected or unexpected outcome from pursuing a goal
Intentional
Incident Reports
Reports Timeline
Facial-recognition locks used by a company claiming to operate the world’s largest network of express delivery lockers have been hacked by a group of fourth-graders.
The primary schoolers from Jiaxing in eastern China’s Zhejiang province to…
Variants
A "variant" is an incident that shares the same causative factors, produces similar harms, and involves the same intelligent systems as a known AI incident. Rather than index variants as entirely separate incidents, we list variations of incidents under the first similar incident submitted to the database. Unlike other submission types to the incident database, variants are not required to have reporting in evidence external to the Incident Database. Learn more from the research paper.