Apple’s X-Cellent Response to Sen. Franken’s Queries Regarding Facial Recognition Technologies

Oct 24, 2017

By Dawn Ingley


See all of Our JDSupra Posts by Clicking the Badge Below

View Patrick Law Group, LLC

Recently, I wrote an article outlining the growing body of state legislation designed to address and mitigate emerging privacy concerns over facial recognition technologies.  It now appears that the issue will be examined at the federal level.  In September, Senator Al Franken of Minnesota, concerned that certain Apple technologies would be used to benefit other sectors of its business, as a “big data” profit center or to satisfy law enforcement agency requests, issued a series of pointed questions to Apple regarding its iPhone X’s FaceID.  That letter included the following questions:

  • Is it possible for Apple or a third party to extract faceprint data from iPhone X?
  • How was the FaceID algorithm developed and how did Apple gather data for the algorithm?
  • How does Apple protect against racial, gender or age bias in FaceID?
  • How does FaceID distinguish between an actual face of a person, as opposed to the photograph of that face?
  • Can Apple assure users that it will never share faceprint data?
  • Does FaceID cause the device to continually “look” for a facial profile and in doing so, does it record other faces as well?

The response from Apple, made public on October 17th, was quite illuminating:

  • FaceID works by using iPhone X’s TrueDepth camera to scan and analyze a user’s face based on depth perception maps and two-dimensional technology.  That scan is then authenticated with images stored in iPhone X’s Secure Enclave.
  • Data from the Secure Enclave is never backed up to the cloud, does not leave the device and isn’t even saved in device backups.  Scanned faces are deleted after being used to unlock iPhone X.
  • The neural network that helps to form the algorithm was created from over a billion images from individuals who provided specific consent to Apple.  Further, a broad cross-section of individuals spanning gender, race, ethnicity, and age, was leveraged to create the algorithm.
  • Passcodes will still be available to unlock devices if users choose not to use FaceID.
  • Any third party applications that leverage FaceID for authentication don’t actually access FaceID; rather, those apps are notified only as to whether authentication was approved.

As ranking member on the Judiciary Committee, Subcommitee on Privacy, Technology and the Law, Senator Franken’s foray into technology and privacy matters is not new.  In 2013, he presented a similar set of questions when Apple introduced the iPhone 5S Touch ID fingerprint scanner.   Shortly after that inquiry, Apple published a white paper outlining the steps it had taken with Touch ID to assure Senator Franken that privacy concerns were of the highest priority to Apple.  The collaboration between Senator Franken and Apple is vital in a time when a body of privacy laws to address facial recognition technologies is still emerging and protections are lacking in most jurisdictions.  It will be interesting to see if other technology providers embrace a similar level of transparency in their product rollouts.

OTHER THOUGHT LEADERSHIP POSTS:

Apple’s X-Cellent Response to Sen. Franken’s Queries Regarding Facial Recognition Technologies

By Dawn Ingley See all of Our JDSupra Posts by Clicking the Badge Below Recently, I wrote an article outlining the growing body of state legislation designed to address and mitigate emerging privacy concerns over facial recognition technologies.  It now appears that...

Pros and Cons of Hiring a Security Rating Agency

By Jennifer Thompson See all of Our JDSupra Posts by Clicking the Badge Below One can hardly check out any news outlet today without reading or hearing about a security breach.  Experts frequently advocate performing internal assessments to identify security...

Part II of III | FTC Provides Guidance on Reasonable Data Security Practices

By Linda Henry See all of Our JDSupra Posts by Clicking the Badge Below This is the second in a series of three articles on the FTC’s Stick with Security blog. Part I of this series can be found here. Over the past 15 years, the Federal Trade Commission (FTC) has...

Part I of III | FTC Provides Guidance on Reasonable Data Security Practices

By Linda Henry See all of Our JDSupra Posts by Clicking the Badge Below Over the past 15 years, the Federal Trade Commission (FTC) has brought more than 60 cases against companies for unfair or deceptive data security practices that put consumers’ personal data at...

Data Scraping, Bots and First Amendment Rights

By Linda Henry See all of Our JDSupra Posts by Clicking the Badge Below A recent case involving a small workforce analytics startup fighting for its right to extract data from the largest professional networking site on the Internet may set a precedent for applying...

When 2017 Becomes 1984: Facial Recognition Technologies – Face a Growing Legal Landscape

By Dawn Ingley See all of Our JDSupra Posts by Clicking the Badge Below Recently, Stanford University professor and researcher Michal Kosinski caused a stir of epic proportions and conjured up visions of George Orwell’s 1984 in the artificial intelligence (AI)...

PMI – An Insider’s Guide – Part 3: What to do When You’re Asked to Assist in a Potential Acquisition – Post-Integration Run Phase and the Wheels Have Come Off

By Peggy Abood See all of Our JDSupra Posts by Clicking the Badge Below See PMI – An Insider’s Guide - Part 1 here. See PMI – An Insider’s Guide - Part 2 here. See PMI – An Insider’s Guide - Part 3 here. This is the third in a series of three articles on post-merger...

PMI – An Insider’s Guide – Part 2: What to do When You’re Asked to Assist in a Potential Acquisition – Between Signed and Closed Phase

By Peggy Abood See all of Our JDSupra Posts by Clicking the Badge Below See PMI – An Insider’s Guide - Part 1 here. See PMI – An Insider’s Guide - Part 2 here. See PMI – An Insider’s Guide - Part 3 here. Your day starts with headlines screaming across the Internet –...

PMI – An Insider’s Guide – Part 1: What to do When You’re Asked to Assist with a Potential Acquisition – Due Diligence Phase

By Peggy Abood See all of Our JDSupra Posts by Clicking the Badge Below See PMI – An Insider’s Guide - Part 1 here. See PMI – An Insider’s Guide - Part 2 here. See PMI – An Insider’s Guide - Part 3 here. The Internet is jammed with articles reporting that most merger...

Just Push the Button! Instagram’s Response to Influencers, Hashtags and Disclosures

By Farah Cook See all of Our JDSupra Posts by Clicking the Badge Below In April, the Federal Trade Commission (“FTC”), after reviewing Instagram posts by celebrities, athletes, and social media influencers, issued 90 letters reminding influencers and marketers about...