“Apple Inc. won accolades from privacy experts in September for assuring that facial data used to unlock its new iPhone X would be securely stored on the phone itself,” Stephen Nellis reports for Reuters. “But Apple’s privacy promises do not extend to the thousands of app developers who will gain access to facial data in order to build entertainment features for iPhone X customers, such as pinning a three-dimensional mask to their face for a selfie or letting a video game character mirror the player’s real-world facial expressions.”

“Apple allows developers to take certain facial data off the phone as long as they agree to seek customer permission and not sell the data to third parties, among other terms in a contract seen by Reuters,” Nellis reports. “App makers who want to use the new camera on the iPhone X can capture a rough map of a user’s face and a stream of more than 50 kinds of facial expressions. This data, which can be removed from the phone and stored on a developer’s own servers, can help monitor how often users blink, smile or even raise an eyebrow.”

“That remote storage raises questions about how effectively Apple can enforce its privacy rules, according to privacy groups such as the American Civil Liberties Union and the Center for Democracy and Technology,” Nellis reports. “The data available to developers cannot unlock a phone; that process relies on a mathematical representation of the face rather than a visual map of it, according to documentation about the face unlock system that Apple released to security researchers.”

“Though they praised Apple’s policies on face data, privacy experts worry about the potential inability to control what app developers do with face data once it leaves the iPhone X, and whether the tech company’s disclosure policies adequately alert customers,” Nellis reports. “With the iPhone X, the primary danger is that advertisers will find it irresistible to gauge how consumers react to products or to build tracking profiles of them, even though Apple explicitly bans such activity. ‘Apple does have a pretty good historical track record of holding developers accountable who violate their agreements, but they have to catch them first – and sometimes that’s the hard part,’ the ACLU’s Stanley said. ‘It means household names probably won’t exploit this, but there’s still a lot of room for bottom feeders.'”

Read more in the full article here.

MacDailyNews Take: On something like this, it’s better to be paranoid than not. Of course, Apple and iOS are very good about making this sort of thing opt-in – the user must approve apps’ access to facial data – but, there should still be some mechanism to identify and punish anyone who uses the data inappropriately.

That said, according to iMore‘s Rene Ritchie, “Once the app asks for authentication, it hands off to the system, and all it ever gets back is that authentication or rejection. Apple has a separate system, built into ARKit, the company’s augmented reality framework, that provides basic face tracking for Animoji or any apps that want to provide similar functionality, but it only gets rudimentary mesh and depth data, and never gets anywhere near Face ID data or the Face ID process.”

SEE ALSO:
Apple: Privacy is a fundamental right – September 27, 2017
Apple begins mining browsing data in Safari via differential privacy – September 26, 2017
Apple explains how it’s making Siri smarter without endangering user privacy – September 11, 2017
Apple’s cutting-edge ‘differential privacy’ is opt-in – June 24, 2016
Apple’s cutting-edge ‘differential privacy’ offers unique option for technology users – June 20, 2016
Apple’s use of cutting-edge tech will peek at user habits without violating privacy – June 16, 2016
Apple unveils iOS 10, the mother of all iOS releases – June 13, 2016
Apple previews major update with macOS Sierra – June 13, 2016
Apple seeks to use AI to keep Google off your iPhones, iPads, and Macs – June 15, 2016
Edward Snowden: Apple is a privacy pioneer – June 5, 2015
Tim Cook gets privacy and encryption: We shouldn’t surrender them to Google – June 4, 2015
Tim Cook attacks Google, U.S. federal government over right to privacy abuses – June 3, 2015
The price you’ll pay for Google’s ‘free’ photo storage – June 3, 2015
Apple CEO Tim Cook champions privacy, blasts ‘so-called free services’ – June 3, 2015
Passing on Google Photos for iOS: Read the fine print before you sign up for Google’s new Photos service – June 1, 2015
Why Apple’s Photos beats Google Photos, despite price and shortcomings – May 30, 2015
Is Apple is losing the photo wars? – May 29, 2015
How Google aims to delve deeper into users’ lives – May 29, 2015
Apple CEO Cook: Unlike some other companies, Apple won’t invade your right to privacy – March 2, 2015
Survey: People trust U.S. NSA more than Google – October 29, 2014
Edward Snowden’s privacy tips: ‘Get rid of Dropbox,” avoid Facebook and Google – October 13, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
Apple will no longer unlock most iPhones, iPads for government, police – even with search warrants – September 18, 2014
U.S. NSA watching, tracking phone users with Google Maps – January 28, 2014
U.S. NSA secretly infiltrated Yahoo, Google data centers worldwide, Snowden documents say – October 30, 2013
Google has already inserted some U.S. NSA code into Android – July 10, 2013
Court rules NSA doesn’t have to reveal its semi-secret relationship with Google – May 22, 2013