Privacy Advocates and Devs Raise Concerns About Third-Party App Access to TrueDepth Camera

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Nov 30, 2017.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple goes into great detail about the security of the Face ID facial recognition system built into the iPhone X in a security white paper and a support document, but relatively little has been said about the access that developers have to facial data captured by the TrueDepth camera, which has led privacy advocates and developers to express concerns about what apps can glean about you from your face.

    A new piece from The Washington Post that includes commentary from both privacy experts and Apple itself explores the data third-party apps can access, echoing concerns previously brought up earlier this month.

    [​IMG]

    Apps have no access to the facial map that Face ID uses to unlock your device, but developers are able to use the TrueDepth camera to scan a user's face for the purpose of creating more realistic augmented reality apps. As described by Apple:
    Apps are able to see a full 3D face map along with a "live read-out" of 52 micro-movements in the eyelids, mouth, and other features. MeasureKit, a free app developed by Rinat Khanov, has a face mesh tool built in that displays the facial data the TrueDepth camera can capture along with a list of the facial expressions it tracks.

    [​IMG]

    Apple has a privacy policy that's been in place since before the iPhone X launched requiring apps that use the TrueDepth camera to have a privacy policy, secure user consent option, and a clear outline of what data is being collected and how it's used, but The Washington Post's Geoffrey Fowler worries about the future implications of the TrueDepth camera, where such facial data could perhaps be used to determine gender, race, sexuality, or track facial expressions to determine medical conditions like depression.

    "We take privacy and security very seriously," Apple spokesman Tom Neumayr said. "This commitment is reflected in the strong protections we have built around Face ID data--protecting it with the Secure Enclave in iPhone X--as well as many other technical safeguards we have built into iOS."

    Khanov, the developer behind the aforementioned MeasureKit app, says Apple's policies may not be enough. Khanov didn't initially have a privacy policy in place in his app, and it was approved anyway. Apple said it was an oversight and asked Khanov to implement a privacy policy right away.
    As Fowler points out, apps that are using the TrueDepth camera are not currently providing enough information to customers. The popup to access the TrueDepth camera is the same generic popup that is required for the standard front and rear-facing cameras, and it does not mention that additional data is being collected.

    Whether Apple will put stricter policies in place remains to be seen, as does how this kind of facial recognition data will be used in the future, but customers should be made aware of what's being provided to app developers. For those concerned, it's worth downloading the MeasureKit app or a similar app to see what's potentially being collected when an app accesses the camera on your iPhone X.

    Article Link: Privacy Advocates and Devs Raise Concerns About Third-Party App Access to TrueDepth Camera
     
  2. Zaft macrumors 68040

    Zaft

    Joined:
    Jun 16, 2009
    Location:
    Brooklyn, NY
    #2
    Hundreds of apps go through approval each day, some will sneak through.
     
  3. FelixDerKater macrumors 68030

    FelixDerKater

    Joined:
    Apr 12, 2002
    Location:
    Nirgendwo in Amerika
  4. nitramwin, Nov 30, 2017
    Last edited: Nov 30, 2017

    nitramwin macrumors member

    Joined:
    Mar 18, 2008
    #4
    As the de facto industry leader, it will be interesting to see how Apple deals with these questions. Insurance and marketing companies love learning more about how we behave and what we look like (color of skin, attractiveness, propensity to smile, state of teeth etc). Unfortunately, the consequences likely won't be good for the large majority of people out there who will be profiled and sorted into risk classes.
     
  5. Jbusick7944 macrumors regular

    Joined:
    Oct 8, 2008
    #5
    And people will cry as if a victim. You have the option to not buy the phone, not use the apps etc.
     
  6. btrach144 macrumors 68000

    btrach144

    Joined:
    Aug 28, 2015
    #6
    I'm sure in 5 years we'll be reading some report that X company got special API access to FaceID APIs directly from Apple and X company stored user face scans on their servers.

    Just like how Apple gave special API access to Uber for the Apple Watch, which allowed Uber to infringe upon user privacy.
     
  7. djcerla macrumors 68000

    djcerla

    Joined:
    Apr 23, 2015
    Location:
    Italy
    #7
    In the meanwhile, silently, Facebook and Google store informations about billions of users down to the disposition of their pubic hair.
     
  8. iGeneo macrumors regular

    iGeneo

    Joined:
    Jul 3, 2010
    #8
    Not seeing the app in the AppStore?

    NVM... Found it
     
  9. Apple Corps macrumors 68030

    Joined:
    Apr 26, 2003
    Location:
    California
    #9
    And you know this how.......
     
  10. ViDeOmAnCiNi macrumors member

    ViDeOmAnCiNi

    Joined:
    Sep 15, 2016
    Location:
    AZ
    #10
    OMG people, please lighten up. FaceID has got to be the best feature I've seen in a phone yet. Being able to lift it and it unlocks w/o intervention is frickin' amazing IMO. All my apps that used to use TouchID now are using the FaceID and it's, again, frickin' amazing! I am so pleased with this phone. Hands down it's the best phone I have ever owned. Period.
     
  11. calzon65 macrumors 6502a

    calzon65

    Joined:
    Jul 16, 2008
    #11
    "We take privacy and security very seriously," Apple spokesman Tom Neumayr said. "This commitment is reflected in the strong protections we have built around Face ID data--protecting it with the Secure Enclave in iPhone X--as well as many other technical safeguards we have built into iOS."

    What a bunch of legal double talk. I'm sure when Equifax was hacked they also said they took security seriously while over 100 million people's sensitive financial information was released into the dark web.

    Bottom line, more and more companies today have our personal data and when they are hacked, they just say we are sorry, but we did take security seriously.
     
  12. Glideslope macrumors 603

    Glideslope

    Joined:
    Dec 7, 2007
    Location:
    A quiet place in NY.
    #12
    People who choose the Ecosystem also have a right to understand the Gardner enforces their security as written. :apple:
     
  13. JCCL macrumors 6502a

    Joined:
    Apr 3, 2010
    #13
    It is funny, it is on essence the same technology Microsoft has used since Kinect and since 2015 has used in Windows 10 with some laptops and tablets (Surface Devices and other high end devices), and yet pretty much no one complained until Apple released their implementation.
     
  14. DrewDaHilp1 macrumors 6502a

    DrewDaHilp1

    Joined:
    Mar 29, 2009
    Location:
    All Your Memes Are Belong to US
    #14
    Link please

    Found it
     
  15. Dwalls90 macrumors 601

    Dwalls90

    Joined:
    Feb 5, 2009
    #15
    This reminds me of all the privacy concern items that swirled when Touch ID was released. Now it's looked upon as one of the iPhones greatest hardware aspects.

    If you're not comfortable using the technology, then don't use it. This isn't something Apple is forcing upon you.
     
  16. manu chao macrumors 603

    Joined:
    Jul 30, 2003
    #16
    The simplest thing Apple could do is add facial data as another privacy category (my guess would be that currently an app needs access to the 'camera' category in the privacy options to get access to facial data). Many of the complaints about facial data apply to the selfie camera as well. Surely nobody is blaming Apple for including a selfie camera.
     
  17. scaramoosh macrumors 6502a

    Joined:
    Nov 30, 2014
    #17
    As soon as they require you to look at the phone to continue playing an ad.... my iPhone X goes on eBay.
     
  18. jerryk macrumors 601

    Joined:
    Nov 3, 2011
    Location:
    SF Bay Area
    #18
    Not sure why this is an issue. Seems like developers should have access to this camera and the mapping software.
    What the develop or anyone should not have access to are Apple's proprietary mechanism for using the data from the camera to unlock the device.

    This one app should have requested user permission to use the technology did not ask and was not required to ask. This is a bug that will not doubt be fixed soon.

    As far as making assumption about race, gender, etc based on facial features, you can already do the already that with a regular picture.
     
  19. nwcs macrumors 68000

    nwcs

    Joined:
    Sep 21, 2009
    Location:
    Tennessee
    #19
    Apple and Oranges. In this case some facial information is allowed be sent to a server somewhere. With Touch ID it never did happen.

    I suspect this type of thing will become more prevalent. I’m actually OK with it as device authentication but I’ll increasingly refuse to allow any app to access any face info of any kind.
     
  20. DblHelix macrumors 6502

    Joined:
    Mar 19, 2009
    #20
    Don't like it buy another phone. I am tired of privacy advocates (otherwise known as tech averse idiots) dictating what I can and cannot do.
     
  21. fmalloy macrumors 6502

    Joined:
    Nov 5, 2007
    #21
    I sure fooled them - I don't have any!
     
  22. Lucifer666 macrumors 6502a

    Joined:
    Sep 20, 2014
    #22
    Put a face to the info. Throw in some Watch health data
     
  23. jingbugle macrumors member

    Joined:
    Jan 9, 2007
    #23
    All photos we have uploaded to Amazon Cloud drive, Google Cloud drive, Facebook and possibly Apple's iCloud have AI algorithms running on them to find similar faces, age, gender. I am sure that data is available with those Cloud providers and is possibly being provided to marketing companies.
     
  24. ersan191 macrumors 65816

    Joined:
    Oct 26, 2013
    #24
    I haven't used a third party app that uses TrueDepth yet but at the very least it should say "This application is requesting access to the TrueDepth Camera" and a little blurb about what security implications there are for that. Probably separate from the regular camera popup.
     
  25. guzhogi macrumors 68030

    guzhogi

    Joined:
    Aug 31, 2003
    Location:
    Wherever my feet take me…
    #25
    As long as the developers are upfront about using the camera and what it does with it, I'm okay with it. If people choose to use it fine. If they don't, that's fine, too. As long as they make informed decisions, I don't mind.
     

Share This Page

92 November 30, 2017