Privacy Experts Raise Concerns Over iOS Developer Access to Certain Pieces of Facial Data

[CarlJ]

Even if all developers stick to the strict Apple rules about this, what will happen if some of them get hacked and all the data is stolen? I mean this is quite a big possibility, especially since many developers do not have some "Top graded anti-NSA/breach" security on their servers.
Apple should never allow anyone to have access to this kind of data.

The "this kind of data" you're worried about is not the biometric data giving the precise geometry of your face, as used by Face ID.

Rather, it's your expression - user is smiling, user is raising an eyebrow, user blinked. If some of the developers get hacked and the data is stolen, some evil third party could find out that you once smiled. Are you still as concerned?

There are some privacy concerns related to programs monitoring in real time how you're reacting to something like an ad, but there's little point in a developer uploading and storing "user smiled and then blinked twice" - what they'd be interested in is "user had a positive reaction to the ad or feature that was on screen at that time".

The concern would be more along the lines of: imagine a F2P game that lets one get magic coins in exchange for watching ads, what if now the app paused the ad and refused to unpause it unless/until you were actually staring at the screen, and also recorded their guess at whether you liked or disliked the ad (based on combinations of "did user raise an eyebrow", "did user smile", etc.). That would fall somewhere on the annoying/worrisome/creepy end of the scale. And these are the actions that are prevented only by Apple saying they're going to look for software doing that and not let it through their software testing process.

Note that much of this could be done already, by any app that requests access to the camera - Apple's new frameworks just do the ground work of recognizing things like "user is smiling" without every developer having to reinvent that wheel using raw camera images. There's nothing right now to prevent developers from taking pictures of you and uploading them - if you've given the app access to your camera - other than Apple checking your app for code that does that.

The article seems fairly clear that this (gauging user reactions to on-screen content) is the issue at hand, but some people still seem to running around worrying because they've conflated this with concerns that user's biometric recognition data could be uploaded to servers (otherwise the "on noes, what if third-party servers are breached" line of reasoning is nonsensical) - this is not the issue (the high-res biometric data can't leave the iPhone, just as your fingerprint can't, with TouchID).

(As someone pointed out recently, a bigger concern would be if some company could get access to all your photos, and upload them to their servers, and use ever-improving software on their high-powered servers to sift through all your photos with facial-, scene-, and object-recognizing algorithms - repeating the process every time the algorithms improve - to deduce more and more details about you as an individual? Well, we have that already, in services like Google Photos. And people flock to use such services, because they're "free".)

 

[Rogifan]

Wow... what an ignorant, oblivious and idiotic statement to make when it comes to privacy.

I’m not going to worry based on something Reuters allegedly saw. If someone provides a link to an Apple document that says they are giving developers the ability to basically store a picture of my face on their servers maybe I’ll worry. But I haven’t seen that document yet. To me this is just like the worry over Touch ID when it first came out. Getting people worried about something Apple is doing is standard operating procedure for the media. Apple hysteria is good for clicks.

 

[anton_usa]

The secure enclave in all it's glory:
```
if (advertiser.isSecure)
facialData.releaseAll();
```

 

[omihek]

Did none of the top comments even read the article? They have to get customer permission before this is allowed. If you don't want apps scanning your face, just tap Don't Allow when it asks you for permission.

 

[DoctorTech]

So really, these guys are worried that an app will somehow figure out how often they're smiling, blinking, or raising their eyebrows? That's ridiculous.

Once the access is granted, it is up to the developer what they will do with the data they collect. What if the app (possibly a browser) stores how often a person smiles or laughs at a racist / sexist / sexual orientation joke or some other politically incorrect content? What if the app notes that a person's eyes dilate slightly while watching an ISIS video - is that "evidence" the person is a terrorist or terrorist sympathizer? This goes beyond tracking what content a person views, it has the potential to capture physiological reactions to what they view - that is a significant change from what developers can collect today.

 

[Macneck]

This technology definitely opens a whole new world of possibilities... both for good and evil. I'd rather wait for iphone XXX before jumping into this pool full of water? punjis? I can't see.

...mmmm...iPhone XXX.... I like that!

 

[djlythium]

Are you aware it's not 2011?

Thought the same thing, like WTF? How'd you screw that up?

 

[TheShadowKnows!]

Trust me, I don’t worry about much. In fact I’m pretty care free in day to day life.

However my internet,online privacy concerns me more and more.

So much so that I only keep the apps I absolutely must have on my devices.

Our online privacy is non existent at the moment that’s how I feel.

Keeping Internet app hygiene is simply smart -- totally agree.

However, folks in here will concoct dark scenarios of FaceID stealth, while happily partaking with FaceBook, Instagram, Twitter, Google Plus, et al.

And, in my opinion, once you engage with social networking you have lost control of your identity.

 

[HQuest]

Can someone share how many fingerprints were captured by developers or third party companies, from Apple or Google based devices, since these products went out to the public?

I think ultimately everybody has to be concerned on usage, and ultimately Apple (or Google, whenever they decide to embrace the idea) are to put in controls on who does what. Until the technology is out in the wild and we have more devs looking at what they can and what they cannot do, this is all troll feeding.

 

[DoctorTech]

>Stanley said that "the hard part" for Apple will come from having to find and catch the apps
>that might be violating these policies, meaning that the big household names probably won't
>be of concern to Apple, "but there's still a lot of room for bottom feeders."

Lets not forget that "big household names" like Vizio and Bose have both been sued in recent years for violating customers' privacy. Bose's app was reporting back to the mother ship everything that users were listening to on their Bose headphones and Vizio smart TVs were collecting data on everything customers were watching on their TVs. These are just the companies that have been caught. Who knows how many other "big household names" are also collecting this type of data to sell to marketers without the public's knowledge?

 

[The Mercurian]

That assumes the following isn’t part of the picture.



Such a toggle will likely show up similar to existing permissions you grant.

View attachment 730628

Now if you are concerned, or, the application requires Face detection in order to function, simply don’t use it.

And you are assuming that everyone understands the significance of these settings and/or exactly how these data could be used. Most people don't. Not to mention teenagers etc being impulsive and not thinking much about such things.
This 'feature' should be banned.

 

[840quadra]

Did none of the top comments even read the article? They have to get customer permission before this is allowed. If you don't want apps scanning your face, just tap Don't Allow when it asks you for permission.

Sadly people don’t fully read articles before commenting (I sometimes am guilty of this too), just like people don’t often read warnings on screens before pressing OK.

I bet many people complaining on here likely have cameras and Micropones enabled within some applications, and don’t think twice about it. Doing so, you trust that Apple is preventing devs from always listening when apps or open, or sending data outside your device when inactive.

Have “Hey Siri”, “Hey Google” activated on your smartphone, you also have an open mic to the world and putting quite a bit of trust into those companies as well.

And you are assuming that everyone understands the significance of these settings and/or exactly how these data could be used. Most people don't. Not to mention teenagers etc being impulsive and not thinking much about such things.
This 'feature' should be banned.

I disagree, strongly.

I don’t want features disabled simply because people (including parents) can’t be bothered to read, or try to comprehend a feature or function they decide to enable.

 

[kemal]

I would prefer FaceID to only return correct person yes/no. None of this animated poo crap and free focus group capabilities.

 

[iapplelove]

Keeping Internet app hygiene is simply smart -- totally agree.

However, folks in here will concoct dark scenarios of FaceID stealth, while happily partaking with FaceBook, Instagram, Twitter, Google Plus, et al.

And, in my opinion, once you engage with social networking you have lost control of your identity.

lol I’ve never even had a FB.

 

[CarlJ]

Wait a second. Didn't Al Franken already grandstand about this then get all starstruck when Apple responded? According to All Frankens expert opinion we have nothing to worry about.

Let's be clear here: a member of the Senate Judiciary Committee on Privacy, Technology, and the Law sent a letter to Apple asking for details on their newly announced facial recognition security mechanism. How is that grandstanding? Would you prefer that the committee charged with keeping the senate informed on privacy and technology issues not pay attention to ... a new privacy and technology issue? That's not "grandstanding", that's doing his job.

By the way, there's one "l" in "Al", and you missed the apostrophe in "Franken's". Also please provide a link to where Senator Franken said his opinion was expert and where he said we have nothing to worry about. He simply said "I appreciate Apple's willingness to engage with my office on these issues, and I'm glad to see the steps that the company has taken to address consumer privacy and security concerns," in response to the information that Apple sent. That's not "starstruck", that's being polite.

The committee asked for an official response to some questions, the company provided answers, the committee said thank you. Isn't this how things are supposed to work? But you just wanted to get upset.

 

[DoctorTech]

Did none of the top comments even read the article? They have to get customer permission before this is allowed. If you don't want apps scanning your face, just tap Don't Allow when it asks you for permission.

Is the user granting permission actually required by iOS for the app to gain access to the camera or is it an Apple policy that the app must ask for permission before using the camera? I am honestly asking, I cannot tell from the way the article is worded. I would feel better if iOS actually prevents the an app from using the camera unless the user gives permission (which is the way I think it works). If it is just policy, then there is always the risk that a developer could ignore the rules and hope they don't get caught (like Volkswagen did with their rigged EPA emissions testing software a couple years ago).

 

[thisisnotmyname]

Yeah but with touchID developers didnt get any info, or numbers for that matter, about your fingerprint. With FaceID, they will be getting actual pictures of your face, along with all the characteristics of it. This is quite different.

Do we know this? I'm being serious. The API for Animoji style filters may just include data defining locations of facial features and "expression" types (smile, frown, etc... degrees of each). To developers those data would be much more useful than raw images. In any case, even if they receive meshes and textures defining our entire face, as we've seen from the demonstrations on Face ID this would still not break the Face ID security as making a 3D mask of a persons face does not authenticate to the system. In that sense, providing spacial data on your face is no more of a security issue than providing access to the camera in any other iOS/iPhone scenario.

And lets be real here - people, as i, use TouchID for logging into different apps for its convenience - because it is quick and easy. I assume they will be doing the same with FaceID so everytime you'll log into, lets say your bank account, the bank could easily get a picture of your face.

You are conflating Face ID as an authentication method with 3D Sense (or whatever they call that) as an app feature. Face ID - like Touch ID - would be entirely client side and only provide a success/failure message back to the hosting app. Enabling 3D sense for apps that want to do custom filters would presumably provide different data (the only similarity being that both use the 3D Sense camera system to obtain raw information).

 

[alexgowers]

Even if the data was useful. A 3rd party businesses storing user data is not apples problem. If there are privacy concerns then there should be regulations for those storing and using data in this way? This is raised and an issue, yet equifax get hacked releasing the entirety of their data and social security numbers of most working US population and they just blanket ignore it.

This weird witch hunt is beyond belief, when actual crimes that will affect the entire US are happening now and NOTHING has changed. I have no concerns with Apple scanning faces as you can’t do anything much with a face. Even if you wanted to use the data it’s got nothing on financial companies that seem immune to this kind of probing! I’m astonished this is even being brought up!

 

[dwsolberg]

Spot on, Rogifan.

i am ready to see dark conspiracy theories wind by recursive descent all over this thread. /s

I agree in general, but I don't think it hurts to question privacy things.

 

[CarlJ]

If someone provides a link to an Apple document that says they are giving developers the ability to basically store a picture of my face on their servers maybe I’ll worry.

Keep in mind that developers already have the ability to store an exacting, detailed, full-color, 5-7 megapixel picture of your face on their servers. The "they could tell what you look like!!1!" aspect, that some here are pursuing, is just silly. Any app that has been given permission to use the camera could take a hi-res close-up picture of you staring intently at the screen, any time it is running, and upload that (or upload many of those). As well, people take close up hi-res selfies and upload them as avatars all the time.

 

[Taipan]

I have to admit, I was under the impression that developers don‘t get any info apart from yes or no from the secure enclave, and I‘d prefer it that way.

 

[jst_testing]

Reconstruction of your face into a hologram?

 

[alphaod]

So maybe Apple needs to separate the front and back camera permissions? I can use back camera, but the front camera does not work.

 

[fairuz]

Presumably Face ID is more like Touch ID, which is very different from the Camera app. I can disable access to the camera on an app-by-app basis, but I can't disable Touch ID on an app-by-app basis.

Apps that use TouchID don't get your fingerprint data, so it's not a concern anyway. It's just an auth callback.
[doublepost=1509639222][/doublepost]

If I'm ad advertiser, I want to show ads that make people smile. If I know I get a certain reaction with a specific ad, I can continue to show it, further linking pleasure and joy with my product. If I don't want to be targeted in this way, Apple needs to provide a way to opt out.

Do you show your teeth when you smile? No? "Maybe you need to try Crest whitening toothpaste®, now with enhanced whitening!"

A way to opt out? Ad blocker
Wanna take it further? An ad blocker that clicks all ads (which does exist)
[doublepost=1509639349][/doublepost]I don't think it's an issue if all they get is things like enum(smiling, frowning, ...) for what your facial expression is. Maybe a bit annoying but nothing dangerous.

 

[Labeno]

They fixed it (so to speak)

Apple's quality control only checks for fashion nowadays instead of functionality. I miss the old Apple that cared about simplicity and functionality.