Facebook wants to own your face. Here’s why that’s a privacy disaster

Mark Zuckerberg Tagged

Scanning your face is easier than remembering a password, that’s for sure. But while facial recognition technology has gone mainstream with Apple’s FaceID and Microsoft’s Windows Hello, we’re only now thinking through the cybersecurity and privacy concerns.

Now Facebook, among other companies, are finding questionable ways to use this new data. To get to the bottom of just how dangerous that could be, we spoke with Theresa Payton, the former White House Chief Information Officer for the George W. Bush administration. She’s now deeply involved in the world of cybersecurity — and has some serious concerns about how Facebook intends to use the tech.

Your face belongs to you, doesn’t it?

Facial recognition technology has great potential, even in the world of cybersecurity. In the case of authentication, for example, it makes locking devices and accounts simpler for those who are slow to move to methods like two-factor authentication. But, as Theresa Payton explained, there’s a dark side to the technology.

Facebook says scanning and recognizing your face helps “protect you from a stranger using your photo to impersonate you.”

“I believe there are a lot of really cool things that could come out of this technology, but recent history tells us we need to play out worse-case scenarios,” Payton told Digital Trends. “We need to understand that new technology will always be released a year or two before we really understand the ramifications of securing that data, as well as the legal aspects of protecting privacy.”

According to a recent New York Times report, Facebook’s use of facial recognition to pick your  face out of photos has a handful of civil rights organization up in arms. Using artificial intelligence and its own proprietary algorithm, Facebook already knows your face as well as your best friend.

In Facebook’s own words, scanning and recognizing your face helps “protect you from a stranger using your photo to impersonate you.” At least, that’s what it said when it first tried to introduce the technology in Europe six years ago. Facebook pulled back when EU regulators started asking questions about security and privacy – but now, the issue has returned.

facebook facial recognition privacy theresa payton portrait
Therea Payton, former White House Chief Information Officer to the Bush Administration.

You might think Facebook would retire the idea completely due these previous concerns, along with the recent Cambridge Analytica data scandal, yet the company has no plan to stop.

“They said, ‘Okay, we learned a lot,’ and basically ‘We want to make it easier to authenticate, to classify their photos and videos,” said Payton. “They basically said you shouldn’t worry about this, because we’re going to let the users control facial recognition.”

“This is cool technology, but why don’t we all take a step back and talk about the uses [of Facebook’s facial recognition]”

Facebook’s plan to analyze your face don’t stop with photos and authentication. As reported by WWD, the social media giant wants to monetize facial recognition further with what it calls “augmented commerce.” The idea is to help brands transform simple Facebook ads into interactive AR experiences. The problem? No one knows what Facebook or its ad partners will do with the data gained from scanning your face.

And that’s only the beginning. Facebook holds several worrisome and downright creepy patents regarding facial recognition technology. One Minority Report-like patent described a way to set a “trust level” for each person who enters a store. By recognizing their faces and connecting it to the data in their Facebook profile, the system could figure out which shoppers were “trustworthy,” or could unlock special deals. Other disturbing patents include a system for tracking your emotions by scanning your face and matching that to what you’re currently looking at.

Facebook's facial recognition patent emotion tracking
One of Facebook’s new facial recognition patents that track emotions by scanning your face and matching it to what you’re currently looking at.

“You are not going to get a new face,” said Peyton. “This is cool technology, but why don’t we all take a step back and talk about the uses and applications of that technology and play out future security and privacy concerns?”

She has a point. It’s not hard to imagine a day when biometrics are accurate and routinely used for accessing your bank account. If your face was then stolen, that could be incredibly problematic. But that wouldn’t happen, right?

Biometrics won’t save us

Technology like facial recognition and fingerprint scanners are often seen as the safer alternative to simple passwords. But if that data is not secured, the consequences are catastrophic. We’ve already seen it happen. In 2015, the Office of Personnel Management had a breach that resulted in the theft of 5.6 million unencrypted fingerprints.

“I’m incredibly worried about the ease in which biometrics could be stolen and used for nefarious purposes,” said Payton.

“Play out those scenarios with this technology and come up with your countermeasures for that.”

With massive machine learning infrastructure to power biometric scanning in place for companies like Google, Facebook, Apple, and Microsoft, we tend to assume those companies are also hiding that data away in a digital locked vault.Payton says our ability to protect our biometric data is “woefully lacking right now.”

It seems it’s only worth implementing if companies are willing to do the hard work of securing the data.

“Here’s what I’d say to these technology companies…Let us know that you are thinking through these worse-case scenarios,” she said. “Play out those scenarios with this technology and come up with your countermeasures for that. If we at least get those assurances, that’d be incredibly helpful given the current state of affairs.”

Payton isn’t calling for an end to biometric scanning and facial recognition. Instead, she proposed a more responsible way to use it hand-in-hand with other technology. Rather than rely solely on something like a fingerprint scanner, Payton’s advice was for companies to combine it with behavioral-based data that could act as biometric two-factor authentication. A system might be able to know things like when the individual typically makes transactions, what kind of operating system they use, or how fast they type.

facebook facial recognition privacy tag header image tagged

“There’s a lot of biometrics and behavioral-based information if you match the two together, then you have assurances of who that person really is,” she insisted.

But it’s not too late, Payton argued. We’ve seen the worst social media has to offer in the past couple of years, but if we could wind back the clock and warn ourselves when this was all beginning, our world might look different than it does today.

“If that worse-case scenario had been played out in in the late 1990s and early 2000s, maybe things would have been a little different on these social media platforms,” said Payton. “Let’s not repeat that type of mistake with these newer technologies we’re introducing.”

Product Review

With its epic screen, Apple's iPhone XS Max is a phone you can live inside

The iPhone XS Max is here. Should you get the massive 6.5-inch iPhone from Apple? Or should you pick the smaller iPhone XS? We’ve been putting the Max through its paces to find out in our review.
Computing

Google tells lawmakers it allows other apps access to your Gmail

Google admitted to lawmakers in a letter that its privacy policy allows third-party apps access to the email messages of its 1.4 billion Gmail users. Google says the apps need the consent of users before access is granted.
Mobile

Samsung exec confirms upcoming Galaxy S10 will sport 'very significant changes'

While we still may be months away from an announcement, there's no doubt about it: Samsung is working hard on its successor to the Galaxy S9. Here's everything we know about the upcoming Samsung Galaxy S10.
Emerging Tech

Crazy vending machine swaps computer art for your permanent selfie

Coder artist Matthias Dörfelt's camera-equipped vending machine swaps unique prints of computer-generated faces for the rights to upload your selfie onto the main Ethereum blockchain.
Computing

Tap Strap wearable keyboard gains support for VR applications

TAP System's wearable keyboard gains support for virtual reality, now compatible with Windows Mixed Reality, Oculus Rift, and HTV headsets. Type and tap for up to eight hours in VR without needing to look at a physical keyboard.
Computing

Wi-Fi vulnerability could allow attackers to steal your data on unencrypted sites

A 20-year-old security flaw in the design of the Wi-Fi standard and how computers communicate using the transmission control protocol could allow hackers to perform a web cache poisoning attack to steal your data and login information.
Product Review

The powerhouse Alienware 17 R5 will leave your desktop in the dust

With a 17-inch display and a chassis weighing in at nearly 10 pounds, the Alienware 17 R5 is truly massive. Between its weight and its hardware, it’s certainly outfitted like a gaming desktop so let’s find out if it performs like one.
Deals

Walmart takes $380 off the MacBook Air for a limited time

Walmart is offering a steep discount on the MacBook Air. Though the $380 discount is lovely, this offer comes with an extra charger to sweeten the deal. If you're looking to pick up an Apple MacBook for less, now is an excellent time.
Computing

PDF to JPG conversion is quick and easy using these simple methods

Converting file formats can be an absolute pain, but it doesn't have to be. We've put together a comprehensive guide on how to convert a PDF to JPG, no matter which operating system you're running.
Computing

Documentation shows data recovery possible for Macs with T2 coprocessor

New documentation from Apple shows that data recovery is indeed possible for Macs with T2 Coprocessor thanks to internal diagnostics software, giving users of the 2018 MacBook Pro new hope in the event of a system failure.
Computing

Smart Reply not smart enough? Desktop Gmail users can soon opt out

Google will soon give desktop Gmail users the ability to opt out of Smart Reply. If you'd prefer to compose a short email the old-fashioned way, you can do so without seeing the auto-generated suggestions in the future.
Computing

Edit, sign, append, and save with 12 of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Product Review

The HP Chromebook x2 takes Chrome to the next level

HP’s Chromebook x2 acts a lot like Microsoft’s Surface Book 2, with a well-equipped tablet that plugs into a keyboard base that’s heavy enough to keep the combination mostly stable. Is this premium Chromebook the best one you can buy?
Computing

Pain in the wrists? Type in comfort with one of these great ergonomic keyboards

Long typing sessions can leave anyone's wrists aching, but if you have one of the best ergonomic keyboards, that doesn't have to be the case. Our list of favorites will support good typing posture while being comfortable to use.