The headline from Business Insider UK reads : Facebook is being sued for amassing the world’s largest stash of facial-recognition data
The article states …
The lawsuit alleges that this facial-recognition program violates the privacy of its users, citing an Illinois law called the Illinois Biometrics Information Privacy Acts, which requires companies to get written content from a user if it is collecting biometric data.
Further, according to the statute, the company must state the purpose and length of its data-collection program.
The idea being that Facebook collects and uses biometrics data without the requisite knowledge or consent of it’s 1.35 billion monthly users, or at least the ones in Illinois. Europe has actually prohibited the use of Facebook’s facial recognition technology, but I have to wonder how exactly does this work? Does i apply to individuals who use European addresses for their profiles? Or does it apply to all traffic on European servers and networks?
Facebook says the templates are “useless bits of data,” that only work with their own software and “users can opt out of the feature and their data will be deleted”. But this kind of explanation, regardless of its voracity, has never been convincing for any kind of personal data collection. Not even from leading biometric vendors or government agencies with large civil and criminal biometric databases.
Though it must be said that government biometric databases, at least within democratic and many not-so-democratic societies, are generally accompanying by clear (and hopefully) transparent rules regrading the collection, storage, management, use, and disposal of biometric data. And to date, there have been no known major breeches of government biometric databases that have led to catastrophic results. At least none that we know about.
Facebook and other commercial enterprises whose business model relines on collecting and monetizing personal data are, as yet, generally not subject to the same rules, transparency, or scrutiny. Though clearly European regulators did limit their use of biometrics, at least by Facebook, and the same is now being attempted in the US with the Illinois case.
What I find fascinating is that as companies, especially innovative hi-tech behemoths like Facebook, Google, embrace biometrics to simplify, secure, and enhance their social media, payment, and other services, not only do biometrics become demystified but the inherent capabilities of biometric technology actually begin to threaten the underlying business model that is driving their adoption.
Facebook and Google have voluminous knowledge of individuals who access the internet – preferences, friends and professional connections, shopping habits, games, information searches, overall internet footprint, etc. These massive data gathering machines have been parlayed into multi-billion dollar global enterprises. Corporate ownership, management, and sale of consumers’ personal information – information that is often far more difficult and costly to come by and far more intimate and invasive than biometrics – has become the foundation of the globalization of consumer marketing.
However, by integrating biometrics into mainstream consumer life, these companies may be threatening the very economic model that has allowed them to achieve meteoric success monetizing personal data. In essence, the integration of biometrics into IT based social media, finance, payment, and health ecosystems has the potential to deconstruct traditional ideas about and models of personal data ownership and control.
By enabling reliable anonymous identification, biometrics can greatly reduce, even eliminate, the need for the kind of personal information that is routinely required to conduct business, complete transactions, or engage in online interactions or research activities. Enabling this level or anonymity could fundamentally change consumer perceptions regarding their own personal data and the level of control they should have over who can access it, how it can be used, and certainly who can make money off to it.
This kind of “awakening” round “consumer centric privacy” could force companies like Facebook, Google, and other consumer knowledge based information brokers to transform their business models to align with new consumer expectations or become mere shadows of their former selves.
For more perspective, download Acuity ’s market brief The ABCs of Mobility: Apple®, Biometrics and the promise of Consumer Centric privacy .
And, stay tuned for the upcoming Global Biometrics and Mobility Report: The Convergence of Commerce and Privacy.