Facebook has learned what you look like, and Sen. Al Franken (D-Minn.) isn’t sure that’s for the best.
In fact, he seems pretty dang sure the company will inevitably use your “faceprint” for something sinister or at least unapproved at some point in the future — if regulators let this go unchecked.
As Facebook ramps up its facial recognition technology, regulators around the world aren’t being shy about raising their concerns. Officials in Norway have probed the use of this tech, and other EU privacy regulators have been investigating the matter as well.
Franken noted that Facebook “won’t be waiting for [regulators] before it reaches pervasive deployment” of facial recognition technology.
“Last year,” he continued, “I pressed Facebook to assure its users that it would never share or sell this database to third parties. A Facebook representative responded, ‘It’s difficult to know in the future what Facebook will look like five or ten years down the road, and so it’s difficult to respond to that hypothetical.'”
In other words, your face is now on its way to becoming part of Facebook’s business in one form or another.
Unless Franken has something to say about it, of course.
Here’s the full text of the letter, as well as Facebook’s correspondence to Franken:
November 21, 2013
The Honorable Lawrence E. Strickling
Assistant Secretary for Communications and Information
National Telecommunications and Information Administration
U.S. Department of Commerce
1401 Constitution Avenue, N.W., Room 4725
Washington, D.C. 20230
Re: Multistakeholder Process to Develop Consumer Data Privacy Codes of Conduct
Dear Assistant Secretary Strickling:
In my April 2, 2012 submission to the NTIA, I recommended that the multistakeholder process consider the privacy implications of facial recognition technology, and seek to develop best practices on its use. As I explained in my filing, facial recognition technology can allow a stranger to identify you, by name and in secret, from a photograph taken on the street or copied from the Internet. It has serious implications for consumer privacy and personal safety. Unfortunately, our privacy laws provide no express protections for facial recognition data; under current law, any company can use facial recognition technology on anyone without getting their permission – and without any meaningful transparency. Press reports from this summer suggested that facial recognition was the likely next item for debate. I’m writing to renew my request that the NTIA take up this subject, and urge you to do so as quickly as possible.
The urgency of this matter is underlined by Facebook’s recent expansion of its facial recognition database – already likely the largest in private hands. In 2010, Facebook enrolled its then-800 million users into its facial recognition program – without their express consent. In my filing, I made a conservative estimate that this database includes one-twentieth of the world’s population. Last year, in a hearing in the Senate Judiciary Subcommittee on Privacy, Technology and the Law, which I chair, I pressed Facebook to assure its users that it would never share or sell this database to third parties. A Facebook representative responded: “It’s difficult to know in the future what Facebook will look like five or ten years down the road, and so it’s difficult to respond to that hypothetical.”
In September, I asked Facebook: How many faceprints do you have? Facebook declined to say, indicating that “we consider the exact number of templates that we store to be commercially sensitive and proprietary information.” Facebook’s reply, along with my original letter, is enclosed.
I will be exploring legislation to protect the privacy of biometric information, particularly facial recognition technology. But I believe it would be extremely valuable for the NTIA to convene industry stakeholders and privacy advocates to establish consensus-driven best practices for the use of this technology – which won’t be waiting for us before it reaches pervasive deployment.
Thank you for your time and attention to this matter.
Chairman, Subcommittee on Privacy,
Technology, and the Law
CC: Chairwoman Edith Ramirez
Commissioner Julie Brill
Commissioner Maureen Ohlhausen
Commissioner Joshua Wright
Federal Trade Commission