Just when the world was getting used to Touch ID, Apple has changed the rules.
Forget your fingers, the company announced at the Sept 12 launch of the iPhone X. We just need your face.
And while Apple's marketing guru Phil Schiller described the facial-recognition technology to open and operate the latest iPhone as perfectly safe – "Nothing," he said, "has ever been simpler or more secure." – much of the global audience seems wary of the technology the Cupertino company has dubbed Face ID.
From members of Congress to privacy-rights activists to the hoi polloi of the Twittersphere, a debate is already raging as fans and critics of facial-ID features weigh in with their applause and their concerns:
Senator Al Franken
In a Facebook post, Franken raised a number of alarm bells over his worries that Face ID could be used nefariously or in ways that threaten our Constitutional rights.
"I have questions about Apple's latest version of the iPhone, which will effectively become a testing site for the mass usage of facial recognition technology in our smartphones," he wrote on the site. "While I am encouraged by the steps that Apple states it has taken to implement the system responsibly, the addition of this new technology to the iPhone has serious privacy implications."
Franken said he wrote a letter to Apple CEO Tim Cook, asking him "a series of important questions about the iPhone X's Face ID system, including how users' "faceprints" will be protected and safeguarded, if at any point that data will be shared or sold to marketers, and whether law enforcement will be able to access the Face ID database. I also asked what steps Apple has taken to ensure that the technology treats different groups of people equally and to protect against racial, gender, or age bias."
Questions about privacy and security
An article at Quartz.com raised five "privacy and security concerns" about Face ID, starting with where Apple intends to store the millions of facial images recorded by the iPhone X's new set of cameras. "Apple has traditionally stored biometric data on its Secure Enclave, which is like a separate encrypted computer on your phone. If the data is only held on your iPhone, it's far safer than in the cloud."
The article raised a concern that was resonating across social media on Thursday: "What are the legal implications of opening your phone with your face? Will police be able to use your face to unlock your phone without a warrant? Matthew Segal, a legal director for the Massachusetts ACLU, says it's not yet clear how this might work in practice. (I'm sure we'll find out when the lawsuits start rolling in.)
And another question raised by the advent of facial-recognition technology is who else might be able to access the device's sensors that are essentially grabbing images of the user's face for Apple's own purposes? "Will apps not made by Apple be able to tap into FaceID to authenticate who you are, and could other developers access that to collect advertising metrics?" the article says.
"Emotional feedback and predicted interest in content could be valuable data for advertisers, but would also essentially turn your phone into a spying tool for any app you use."
Bloggers are all over the map
Techradar's Gareth Beavis called the iPhone X "a sensational-looking iPhone – but it obviously comes at a huge cost, and you'll have to wait to get it. Question marks remain over Face ID as a way of unlocking the phone, but if your face truly does get 'learned' over time, it could work well."
Over at The Verge, Vlad Savov wrote a nostalgic paean to the eventual demise of Touch ID thanks to Face ID, raising more questions about "potential security issues that Touch ID didn't have, such as someone unlocking your phone by just holding it up to your face. Apple has put preventive measures in place, including the demand for the user's eyes to be open, and it does claim there's a much lower chance of Face ID being spoofed or fooled than Touch ID. But still, even with a 1 in 1,000,000 chance of another person successfully logging into your phone via Face ID, biometrics remain a less secure (both practically and legally) method to keep your private data private."
A Wired reviewer raised another interesting question about how Face ID might not only be a threat to your privacy but a physical threat as well.
"The very notion of using your face as the key to your digital secrets presents some fundamental problems," said the review. "It's very hard to hide your face from someone who wants to coerce you to unlock your phone, like a mugger, a customs agent, or a policeman who has just arrested you. In some cases, criminal suspects in the US can invoke the Fifth Amendment protections from self-incrimination to refuse to give up their phone's passcode. That same protection doesn't apply to your face."
Edward Snowden gives a mixed review
The noted NSA leaker seemed a bit conflicted talking about the new iPhone's facial-identifying feature. But he sounded more worried about privacy than about the security of the person with the face opening the phone. In a tweet, Snowden offered a generally upbeat review of the biometric security system, but he was more cautious talking about the potential for abuse of facial scanning.
The angst of privacy advocates
Facial recognition being used as a surveillance tool by governments has long been a concern for privacy advocates. Yes, the technology could be used to help agents identify suspected terrorists. But at the same time the potential for abuse by political powers is very real.
"Once installed, this kind of a surveillance system rarely remains confined to its original purpose," the ACLU wrote in a Q&A on the subject.
"New ways of using it suggest themselves, the authorities or operators find them to be an irresistible expansion of their power, and citizens' privacy suffers another blow. Ultimately, the threat is that widespread surveillance will change the character, feel, and quality of American life." — San Jose Mercury News/Tribune News Service