iPhone XS and XS Max in silver, space gray, and gold.
U.S. Senator Raises Questions About Security and Privacy of Face ID
Just a day after Apple unveiled its new flagship iPhone X equipped with a facial recognition system, United States Senator Al Franken (D-MN), who is a member of the Senate Judiciary Committee on Privacy, Technology, and the Law, sent a letter [PDF] to Apple CEO Tim Cook with some questions on the privacy and the security of the Face ID feature.
Face ID is designed to take a 3D face scan that determines the structure of a person's face and transforms it into a mathematical model for device authentication and unlocking purposes. Apple has said that Face ID is protected by the same Secure Enclave that keeps Touch ID data safe, and that all processing takes place on the device itself with no data uploaded to the cloud. Furthermore, Apple says Face ID can't be fooled by a photo or a mask.
In his letter, Franken raises concerns about how Apple plans to use facial recognition data in the future, the diversity of its training, how Apple will respond to law enforcement requests for Face ID data or the Face ID system, and if it might be fooled by a photo or a mask.
- Can Apple extract Face ID data from a device, will Apple ever store Face ID data remotely, and can Apple confirm that it has no plans to use faceprint data for purposes other than Face ID?
- Where did the one billion images that were used to train Face ID come from, and what steps did the company take to ensure the system was trained on a diverse set of faces?
- Does Face ID perpetually search for a face, and does Apple locally retain the raw photos of faces used to unlock the device? Will Apple retain the faceprints of individuals other than the owner of the device?
- What safeguard has Apple implemented to prevent the unlocking of the iPhone X when someone other than the owner holds the device up to the owners face? How does it distinguish a user's face from a photo or mask?
- How will Apple respond to law enforcement requests to access Apple's faceprint data or the Face ID system itself?
Back when Touch ID was first announced as a new feature in the iPhone 5s, Franken sent Cook a similar letter asking for clarification on how the Touch ID feature works.
Franken asks Tim Cook to respond to all of his Face ID questions by October 13, 2017. Apple is not obligated to respond as this is not a subpoena, but the company will likely cooperate with the request for information.
Face ID is designed to take a 3D face scan that determines the structure of a person's face and transforms it into a mathematical model for device authentication and unlocking purposes. Apple has said that Face ID is protected by the same Secure Enclave that keeps Touch ID data safe, and that all processing takes place on the device itself with no data uploaded to the cloud. Furthermore, Apple says Face ID can't be fooled by a photo or a mask.
In his letter, Franken raises concerns about how Apple plans to use facial recognition data in the future, the diversity of its training, how Apple will respond to law enforcement requests for Face ID data or the Face ID system, and if it might be fooled by a photo or a mask.
Since the announcement, however, reporters, advocates, and iPhone users have raised concerns about how Face ID could impact Americans' fundamental right to privacy, speculated on the ways in which Apple could use faceprint data in the future, and questioned the quality and security of the technology.Franken asks Cook to respond to a series of 10 questions, many of which have already been addressed by Apple. Among the questions:
For example, it has previously been reported that many facial recognition systems have a higher rate of error when tested for accuracy in identifying people of color, which may be explained by variety of factors, including a lack of diversity in the faces that were used to train a system. Furthermore, some have expressed concern that the system could be fooled, and thus the device unlocked, by a photo or a mask of the owner of the device.
- Can Apple extract Face ID data from a device, will Apple ever store Face ID data remotely, and can Apple confirm that it has no plans to use faceprint data for purposes other than Face ID?
- Where did the one billion images that were used to train Face ID come from, and what steps did the company take to ensure the system was trained on a diverse set of faces?
- Does Face ID perpetually search for a face, and does Apple locally retain the raw photos of faces used to unlock the device? Will Apple retain the faceprints of individuals other than the owner of the device?
- What safeguard has Apple implemented to prevent the unlocking of the iPhone X when someone other than the owner holds the device up to the owners face? How does it distinguish a user's face from a photo or mask?
- How will Apple respond to law enforcement requests to access Apple's faceprint data or the Face ID system itself?
Back when Touch ID was first announced as a new feature in the iPhone 5s, Franken sent Cook a similar letter asking for clarification on how the Touch ID feature works.
Franken asks Tim Cook to respond to all of his Face ID questions by October 13, 2017. Apple is not obligated to respond as this is not a subpoena, but the company will likely cooperate with the request for information.
[ 307 comments ]
Top Rated Comments
(View all)
13 months ago
I like Al Franken. I kind of know the answers to these questions being an Apple fan, but I think it's important to make sure the answers to these questions are as widely known as possible. It's a win for everybody too. Apple ends up looking like privacy advocates and important questions are answered before the next FBI case.
13 months ago
The government is suddenly worried about protecting our privacy? Maybe they should look at how they invade the privacy of citizens every day.
13 months ago
Thank you Senator, for giving the opportunity for Apple to tell the answers we all already know.
13 months ago
Congress should be looking closer at the Equifax mess nevermind the iphone. Besides, TouchID was only secure to 1 in 50,000(Which I had no idea of) and FaceID is 1 in 1,000,000.
13 months ago
new headline: resident old person didn't watch the keynote and is confused about face scanning phone
13 months ago
Someone needs to explain to Franken how serious the Equifax breech is and why it is a better use of his time.
13 months ago
Apple's stance on how it uses customer information is absolutely crystal clear...It has no plans nor does it have the ability to access your information on the device. Google on the other hand - They are in the business of selling your personal information to marketers.
[ Read All Comments ]
With several of our recent giveaways focusing on Apple's new iPhone models that are launching today in the US and several other countries, today's giveaway goes back to the Mac. Rain Design...
Belkin today introduced its BOOSTUP Wireless Charging Dock for wirelessly charging an iPhone and Apple Watch at the same time. There is also a USB-A port for charging a third device like an iPad via...
Best Buy's one-day sale today is discounting a collection of Apple Watch Series 3 models (GPS + Cellular) that have been officially refurbished by Geek Squad. Prices for the aluminum models are...
Apple has launched a new iPhone XS and iPhone XS Max "experience" micro-site that puts its ".apple" top-level domain to use, as discovered on Reddit.
As noted by 9to5Mac's...
Microsoft has revealed that Skype is coming to Alexa devices. The partnership between Microsoft and Amazon means that owners of devices in Amazon's Echo range will soon be able to make outgoing...
In iOS 12, Apple added a new Effects camera in Messages that's similar to the live camera features in Snapchat and Instagram, allowing you to take a photo in the Messages app and then edit it...
Apple has given a straight-to-series order for drama series "Defending Jacob," which will star Chris Evans, known for his roles in "Captain America" and "The Avengers,"...
In iOS 12, Apple has introduced new password-related features that are designed to make it easier for iPhone and iPad users to create strong, secure, and unique passwords for app and website logins....
