Apple's Beats brand in April unveiled the Powerbeats Pro, a redesigned wire-free version of its popular fitness-oriented Powerbeats earbuds.
Privacy Experts Raise Concerns Over iOS Developer Access to Certain Pieces of Facial Data
The iPhone X's facial recognition abilities continue to be found at the center of privacy concerns, with the American Civil Liberties Union and the Center for Democracy and Technology today raising questions over how "effectively" Apple can enforce certain privacy rules surrounding face scanning (via Reuters). Specifically, the privacy defending groups are worried about how certain pieces of facial data can be taken off the iPhone X by developers who seek to create entertainment features with the new smartphone's facial software.
Facial data that is used to unlock the iPhone X -- or data related to "Face ID" -- is securely stored on the device itself and not in iCloud. However, Apple will let developers take certain pieces of this facial data off the user's iPhone "as long as they seek customer permission and not sell the data to third parties," according to terms seen in a contract by Reuters. This means that developers who want to use the iPhone X's front-facing camera can get a "rough map" of the user's face, as well as a "stream of more than 50 kinds of facial expressions."
The data that developers can gather -- which can then be stored on the developer's own servers -- is said to help monitor how often users blink, smile, or even raise an eyebrow. Although this data can't unlock the iPhone X, according to documents about Face ID sent to security researchers, the "relative ease" with which developers can gain access to parts of a user's facial data and add it to their own servers has led to the new concerns raised by the ACLU and CDT today.
Apple has strict policies against developers using face data for advertising and marketing, but those concerned groups cited worry about the company's "inability to control what app developers do with face data once it leaves the iPhone X." Stanley said that "the hard part" for Apple will come from having to find and catch the apps that might be violating these policies, meaning that the big household names probably won't be of concern to Apple, "but there's still a lot of room for bottom feeders."
Now that the iPhone X is in the hands of reviewers, many have said that Face ID works quite well in many different conditions. Some outlets have taken to try and fool Face ID with large pieces of clothing, sunglasses, and "twin tests," the last of which have come back with mixed results. In its ongoing efforts to reassure customers of Face ID's security and privacy, Apple released an in-depth security white paper in September to highlight and explain some of these features of Face ID.
Facial data that is used to unlock the iPhone X -- or data related to "Face ID" -- is securely stored on the device itself and not in iCloud. However, Apple will let developers take certain pieces of this facial data off the user's iPhone "as long as they seek customer permission and not sell the data to third parties," according to terms seen in a contract by Reuters. This means that developers who want to use the iPhone X's front-facing camera can get a "rough map" of the user's face, as well as a "stream of more than 50 kinds of facial expressions."
The data that developers can gather -- which can then be stored on the developer's own servers -- is said to help monitor how often users blink, smile, or even raise an eyebrow. Although this data can't unlock the iPhone X, according to documents about Face ID sent to security researchers, the "relative ease" with which developers can gain access to parts of a user's facial data and add it to their own servers has led to the new concerns raised by the ACLU and CDT today.
That remote storage raises questions about how effectively Apple can enforce its privacy rules, according to privacy groups such as the American Civil Liberties Union and the Center for Democracy and Technology. Apple maintains that its enforcement tools - which include pre-publication reviews, audits of apps and the threat of kicking developers off its lucrative App Store - are effective.According to Jay Stanley, a senior policy analyst at the ACLU, the privacy issues surrounding facial recognition in the context of unlocking a smartphone "have been overblown." Stanley explained, "The real privacy issues have to do with access by third-party developers." The experts concerned about Face ID in this context are also not worried about "government snooping," but more about marketers and advertisers tracking how a user's expression reacts to their ads.
[...]But the relative ease with which developers can whisk away face data to remote servers leaves Apple sending conflicting messages: Face data is highly private when used for authentication, but it is sharable - with the user’s permission - when used to build app features.
Apple has strict policies against developers using face data for advertising and marketing, but those concerned groups cited worry about the company's "inability to control what app developers do with face data once it leaves the iPhone X." Stanley said that "the hard part" for Apple will come from having to find and catch the apps that might be violating these policies, meaning that the big household names probably won't be of concern to Apple, "but there's still a lot of room for bottom feeders."
Now that the iPhone X is in the hands of reviewers, many have said that Face ID works quite well in many different conditions. Some outlets have taken to try and fool Face ID with large pieces of clothing, sunglasses, and "twin tests," the last of which have come back with mixed results. In its ongoing efforts to reassure customers of Face ID's security and privacy, Apple released an in-depth security white paper in September to highlight and explain some of these features of Face ID.
Related Roundup: iPhone X
Tag: Face ID
[ 99 comments ]
Top Rated Comments
(View all)
24 months ago
Wowzers. Apple needs to put a privacy setting in place ASAP, to keep advertisers from being able to do things like "Smile at this ad to continue". Which advertisers can and will end up doing.
Or force you to look at the AD otherwise it stops playing, I think those are very reasonable concerns
24 months ago
This negates all the security Apple built in to FaceID. Allowing this data out is plane ridiculous. The next thing that will happen is the government demanding a real time feed. 1984 only 27 years late.
Have you been using the iOS 11 calculator? :D
24 months ago
Wowzers. Apple needs to put a privacy setting in place ASAP, to keep advertisers from being able to do things like "Smile at this ad to continue". Which advertisers can and will end up doing.
24 months ago
This negates all the security Apple built in to FaceID. Allowing this data out is plane ridiculous. The next thing that will happen is the government demanding a real time feed. 1984 only 27 years late.
Are you aware it's not 2011?
24 months ago
which can then be stored on the developer's own servers
This is the part that bothers me.
24 months ago
How is this much different than asking for access to camera data?
It's not the 30k points to map the face.
It's not the 30k points to map the face.
24 months ago
Too many people worry too much. Enjoy life and stop worrying.
Right. Let's all blindly trust like we had to with Equifax. What harm could arise? A round of Soma for everyone!
I think we should know when and how our data is being collected. I might allow some apps to use it for a very narrow purpose, i.e., passwords, but I want to know if they are using it for some other purpose too.
24 months ago
So really, these guys are worried that an app will somehow figure out how often they're smiling, blinking, or raising their eyebrows? That's ridiculous.
24 months ago
...which can then be stored on the developer's own servers...
Even if all developers stick to the strict Apple rules about this, what will happen if some of them get hacked and all the data is stolen? I mean this is quite a big possibility, especially since many developers do not have some "Top graded anti-NSA/breach" security on their servers.
Apple should never allow anyone to have access to this kind of data.
Even if all developers stick to the strict Apple rules about this, what will happen if some of them get hacked and all the data is stolen? I mean this is quite a big possibility, especially since many developers do not have some "Top graded anti-NSA/breach" security on their servers.
Apple should never allow anyone to have access to this kind of data.
[ Read All Comments ]
Following a couple of weeks of trickling out early invitations, Apple this week launched Apple Card for all U.S. customers, offering broad access to the new digital and physical credit card issued in...
For this week's giveaway, we've teamed up with Vessel to offer MacRumors readers a chance to win a Signature 2.0 Backpack.
Vessel makes all kinds of backpacks, briefcases, and bags, but...
Discounts on the latest iMacs remain ongoing this month, with Amazon and B&H Photo now offering a new all-time-low price on the 27-inch Retina iMac with 8GB RAM and a 1TB Fusion Drive. This model...
Google and Apple calendars are not playing friendly right now.
As alerted to us by multiple MacRumors readers, there appears to be a syncing issue with Google Calendar and Apple's...
Apple Music today launched a new curated playlist called "New Music Daily," which as the name suggests, is updated every day with fresh songs.
Made up of "new music you simply...
Taylor Swift revealed today on Instagram that she will be the next partner in Apple's "Music Lab" sessions, which are available in Apple retail stores.
The Music Lab session will...
Satechi today announced the Type-C Dual Multimedia Adapter, which plugs into two of the MacBook Pro's USB-C ports to offer a handful of add-on ports.
In total, this includes: one 4K HDMI...
Spotify today announced that it is extending its free-trial period for Spotify Premium to three months, up from the previous one month that users would have to try out the paid service. With this...
