Meta pulls facial recognition code from smart glasses after investigation

• One day after WIRED revealed Meta had embedded an unreleased facial recognition system called “NameTag” into the Meta AI app, Meta silently removed the code from its latest update but refused to explain why.
• NameTag was designed to convert faces captured by Meta’s smart glasses into biometric signatures and compare them against a locally stored database, with unrecognized faces being cropped, indexed and stored.
• Meta is facing a class action lawsuit alleging it unlawfully collects sensitive healthcare data through Meta Pixel, a tracking code found on 33 of the top 100 U.S. hospitals’ websites and in seven password-protected patient portals.
• Meta has been accelerating its healthcare ambitions by hiring health algorithm specialists and former American College of Cardiology chief science officer John Rumsfeld, while developing smart glasses and Oculus VR for potential medical applications.
• ACLU’s Kade Crockford stated that Meta’s removal of NameTag code does not undo the original decision to ship it and urged state lawmakers to pass strong consumer privacy laws with private right of action.

Just one day after WIRED magazine revealed that Meta had quietly embedded an unreleased facial recognition system into the Meta AI app installed on more than 50 million smartphones, the tech giant silently stripped the code out of its latest update but refused to say why or whether the feature will ever return.

The revelation marks the latest chapter in Meta’s controversial push into healthcare and biometric technology, raising fresh alarms about user privacy at a company already facing a class action lawsuit over the alleged unlawful collecting of sensitive healthcare data about patients for targeted advertising.

According to a WIRED analysis of the latest version of the Meta AI companion app, which powers Meta’s line of smart glasses, the newly released update removes virtually all traces of the internally named “NameTag” system. The previous version included several code libraries explicitly named for face recognition. Friday’s release includes none of them.

Andy Stone, Meta’s vice president of communications, told WIRED that the feature is purely exploratory, adding: “No final decision has been made on what to do here, if anything.” But critics say the company’s actions speak louder than its words.

What NameTag could have done

WIRED reported that Meta had quietly integrated substantial portions of NameTag into the Meta AI app since at least January. Though never publicly enabled, the feature was designed to convert faces captured by the glasses into unique biometric signatures, commonly known as faceprints and compare them against a database stored on the user’s device. Faces the system failed to recognize were cropped, indexed and stored locally for future processing.

NameTag first surfaced in February when the New York Times, citing internal Meta documents, reported the company was developing face recognition for its smart glasses and weighing a launch as soon as this year. One internal memo reportedly described releasing the feature during a dynamic political environment, when privacy and civil liberties advocates would be distracted.

After WIRED‘s report, Meta’s chief technology officer, Andrew Bosworth, called the reporting incredibly misleading and absolutely dishonest. Yet the company declined to answer 10 questions WIRED posed before publication, including whether it had already created the database of face profiles NameTag uses, how long the app retains photographs and biometric data of unrecognized people and whether that data would ever be sent back to Meta’s servers.

The healthcare connection

Meta’s foray into facial recognition comes as the company accelerates its ambitions in healthcare, a sector where trust is paramount and privacy violations can have devastating consequences. Earlier this year, Meta posted job listings for health algorithm specialists, architects and communication managers in New York and California.

It also hired John Rumsfeld, formerly chief science officer at the American College of Cardiology, to lead Meta’s health technology research. The company has been developing smart glasses and the Oculus VR platform, which have potential healthcare applications including remote monitoring of critically ill patients, better clinical data insights and augmented physical health tracking.

But Meta’s track record on privacy casts a long shadow over these efforts. The company is currently facing a class action lawsuit alleging it unlawfully collects sensitive healthcare data about patients for targeted advertising through a product called Meta Pixel, a stealthy piece of code injected into websites to track button clicks, scrolling patterns, form entries and IP addresses.

The suit alleges that the tracking and data collection take place in medical portals beyond login walls, where patients enter highly sensitive information about themselves, their conditions, doctors, prescribed medication and more. According to the lawsuit, neither the hospitals nor Meta informs patients about the data collection or requests consent. Plaintiffs reportedly realized their privacy was violated when Facebook began targeting them with advertisements tailored explicitly for their medical conditions.

As noted by BrightU.AI‘s Enoch, a recent investigation found Meta Pixel in use on 30% of the 80,000 most popular websites, including many healthcare-related sites. The suit states that Meta’s tracking code is present on the websites of 33 of the top 100 U.S. hospitals, representing over 26 million patient and outpatient visits in 2020. In seven instances, the code runs beyond password-protected patient portals.

What remains and what’s missing

The newly released version of Meta AI removes nearly all traces of NameTag. Gone is the face-recognition software itself, the code that ran the recognition process and the “Person recognized” alert. The update also strips out a folder where the app would have stored cropped images and biometric signatures of unrecognized faces.

“A few fragments remain, including an internal debug menu label and a dormant link meant to open a recognized person’s profile pointing to parts of the system that are no longer there,” WIRED noted. Meta did not answer questions about why the code was removed or whether the changes were planned before WIRED‘s story broke.

Kade Crockford, director of the technology for liberty program at the American Civil Liberties Union of Massachusetts, said the removal didn’t undo the original decision to ship the code. Crockford noted that the Massachusetts House of Representatives last week unanimously passed a consumer privacy bill that, if enacted as written, would impose strong enforcement provisions and urged other states to follow, especially with a private right of action that lets aggrieved users sue.

“State lawmakers need to do their job and step up to protect consumer privacy,” Crockford said. “Meta’s sneaky tactics in slipping the face-recognition code into its smart glasses show exactly why data privacy bills need the teeth of strong enforcement. Companies like Meta prioritize their bottom line, so lawmakers need to speak in the only language its C-suite understands.”

Watch this video about 40 states suing Meta.

This video is from the Scriptural Scrutiny channel on Brighteon.com.

Sources include:

ArsTechnica.com

BrightU.ai

Brighteon.com