Meta’s Facial Recognition Lawsuit May Intensify Privacy Law Discussion 

Facial Recognition Policy Law Signed In WA

There was a time when online platforms “moved fast, broke rules,” and were rewarded with massive consumer (and financial) growth while encountering limited regulatory pushback, if any at all. This was the case for Meta (formerly Facebook) and Uber, who were able to exploit some regulatory “gaps” because their business models were so novel that they didn´t really fit under the existing frameworks.  

Fast forward a few years and we see that regulators are catching up with technology — and in this case, with Meta. In addition to the well-known antitrust issues and platform regulation concerns, Meta is facing privacy concerns all over the world, particularly in Europe and the U.S. But the recent lawsuit filed by Texas against Meta´s facial recognition practices may bring a new wave of regulatory efforts to step up privacy protection. 

The lawsuit, filed by Texas Attorney General Ken Paxton, seeks civil penalties in the hundreds of billions of dollars, according to the Wall Street Journal. At stake is the company´s longstanding and now discontinued use of facial-recognition technology — according to the filing, it violated the state’s privacy protections for personal biometric data. 

“Facebook has been secretly harvesting Texans’ most personal information — photos and videos — for its own corporate profit,” Mr. Paxton said. “Texas law has prohibited such harvesting without informed consent for over 20 years. While ordinary Texans have been using Facebook to innocently share photos of loved ones with friends and family, we now know that Facebook has been brazenly ignoring Texas law for the last decade.” 

Meta said that the claims are without merit and that users were always provided with notice and an opportunity to consent when they used these services. 

The company settled another lawsuit over its facial recognition practices for about $650 million in Illinois. While privacy laws in both states differ and the outcome of the legal battle may also differ, this litigation puts Meta´s practices in the spotlight and it may also raise questions, again, about the need to have a federal privacy law in the U.S. instead of scattered state laws and a federal privacy regulator, rather than relying on the Federal Trade Commission to investigate privacy violations affecting consumers. 

Companies like Meta operate at a global scale while privacy laws offer different protections in each state, which may reduce the deterrence effect for digital platforms to apply the most stringent privacy protections. 

Meta already announced that it is shutting down the face recognition system on Facebook and said it would delete more than a billion people´s individual facial recognition templates. However, Texas officials point out that “Facebook has made no such commitment with respect to any of the other platforms or operations under its corporate umbrella, such as Instagram, WhatsApp, Facebook Reality Labs, or its upcoming virtual-reality metaverse.”

And this is what could put Meta more in the spotlight: the continuation of a practice that is deemed to violate privacy laws, or at the very least, doesn’t come with the blessing of regulators. 

Regulators are scrutinizing each step Meta takes, whether it is about content moderation, mergers, privacy or metaverse. This lawsuit will probably only increase this scrutiny, regardless of the result. 

Read More: Meta Warns of Facebook, Instagram Service Interruptions Over EU Data Rules 

 

Sign up here for daily updates on the legal, policy and regulatory issues shaping the future of the connected economy.