Privacy: Senator Al Franken has a lot of concerns about Face ID on the Apple iPhone X
From the moment Apple started to talk about Face ID, there were concerns voiced about privacy and security. It's not just security experts and potential users who have these worries; Senator Al Franken has written to Tim Cook asking for details about the safeguards Apple has put in place to protect users.
On top of this, Franken wants to know more about how Apple trained the Face ID algorithm, and seeks assurances that third parties will not be able to access or be granted access to Face ID data.
In a letter dated September 13, Senator Franken says: "As I have previously highlighted in communications with Apple regarding Touch ID, there are significant differences between the privacy and security of passwords versus that of biometric data, such as fingerprints and faceprints. Unlike a password, an individual's faceprint is permanent, public, and uniquely identifies its owner."
He goes on to say:
As a result, should a bad actor gain access to the faceprint data that Face ID requires, the ramifications could last forever, particularly if Apple's biometric technology comes to be used in other devices and settings. Furthermore, Apple itself could use the data to benefit other sectors of its business, sell it to third parties for surveillance purposes, or receive law enforcement requests to access it facial recognition system -- eventual uses that may not be contemplated by Apple customers.
Calling for transparency from Apple, Senator Franken seeks reassurance that the locally stored Face ID data cannot be extracted from an iPhone X either by Apple or a third party, remotely or locally. He also wants to know whether Apple would consider storing such data in the cloud in the future.
He asks where Apple obtains the one billion images the company said it used to train Face ID, and how racial, gender and age diversity, and bias protection is ensured. Another question asks Apple to explain how it is protecting users against photographs or masks being used to fool Face ID, and seeks confirmation that facial data will never be used for anything other than Face ID tasks.
Franken also asks:
- Should Apple eventually determine that there would be reason to either begin storing faceprint data remotely or use the data for a purpose other than the operation of Face ID, what steps will it take to ensure users are meaningfully informed and in control of their data?
- In order for Face ID to function and unlock the device, is the facial recognition system "always on," meaning does Face ID perpetually search for a face to recognize? If so:
- Will Apple retain, even if only locally, the raw photos of faces that are used to unlock (or attempt to unlock) the device?
- Will Apple retain, even if only locally, the faceprints of individuals other than the owner of the device?
- What safeguards has Apple implemented to prevent the unlocking of the iPhone X when an individual other than the owner of the device holds it up to the owner's face?
But perhaps the most pressing question -- particularly given requests from law enforcement agencies in the past -- is "How will Apple respond to law enforcement requests to access Apple's faceprint data or the Face ID system itself?"
Franken requests that Apple responds to his questions within a month.