When Apple rolled out the iPhone X with facial recognition, the company assuaged privacy experts by asserting that facial data will be securely stored on the device – but its security promises don’t extend to its legion of app developers, which is raising alarm bells with some experts.
According to a news report in Reuters, app developers are gearing up to create features like three-dimensional masks for selfies and video game characters that mimic the facial expressions of real-world players, tools that are made possible by the Face ID functionality. To achieve these types of features, Apple is giving developers access to certain facial data from phones, as long as they get the customers’ permission and agree to not sell that data.
Under the terms, the app developers are allowed to use a rough map of the customer’s face and dozens of facial expressions – but the data has to be taken off the phone and stored externally on the developer’s servers. It’s that placement of the data on the servers that is raising concerns among privacy experts, specifically about Apple’s ability to enforce the privacy rules that are in place with app developers.
Apple pointed out that it has enforcement tools in place that effectively protect the data of customers, and that the data accessed by the app makers isn’t able to unlock the phone.
“The privacy issues around the use of very sophisticated facial recognition technology for unlocking the phone have been overblown,” said Jay Stanley, a senior policy analyst with the American Civil Liberties Union, in an interview with Reuters. “The real privacy issues have to do with the access by third-party developers.”
The privacy experts said they are more concerned about marketers using facial expressions to detect how people respond to ads or content.