[11/2/16] Facebook Inc.’s software knows your face almost as well as your mother does. And like mom, it isn’t asking your permission to do what it wants with old photos.
While millions of internet users embrace the tagging of family and friends in photos, others worried there’s something devious afoot are trying to block Facebook as well as Google from amassing such data.
As advances in facial recognition technology give companies the potential to profit from biometric data, privacy advocates see a pattern in how the world’s largest social network and search engine have sold users’ viewing histories for advertising. The companies insist that gathering data on what you look like isn’t against the law, even without your permission.
If judges agree with Facebook and Google, they may be able to kill off lawsuits filed under a unique Illinois law that carries fines of $1,000 to $5,000 each time a person’s image is used without permission — big enough for a liability headache if claims on behalf of millions of consumers proceed as class actions. A loss by the companies could lead to new restrictions on using biometrics in the U.S., similar to those in Europe and Canada.
Facebook declined to comment on its court fight. Google hasn’t responded to requests for comment (Scroll down for a closer look at the court cases).
Courts have struggled over what qualifies as an injury to pursue a privacy case in lawsuits accusing Facebook and Google of siphoning users’ personal information from e-mails and monitoring their web browsing habits. Suits over selling the data to advertisers have often failed.
This year, the U.S. Supreme Court set a “concrete injury” standard for privacy suits, a ruling that both sides are using to argue their case ahead of a hearing Thursday in San Francisco over Facebook’s bid to dismiss the biometrics case.
Google is fending off suits in Chicago, arguing that the Illinois statute can’t apply outside the state under the Constitution’s interstate commerce rules. Google also contends the Illinois law doesn’t regulate photos.
Facebook encourages users to “tag” people in photographs they upload in their personal posts and the social network stores the collected information. The company uses a program it calls DeepFace to match other photos of a person. Alphabet Inc.’s cloud-based Google Photos service uses similar technology.
The billions of images Facebook is thought to be collecting could be even more valuable to identity thieves than the names, addresses, and credit card numbers now targeted by hackers, according to privacy advocates and legal experts.
While those types of information are mutable—even Social Security numbers can be changed—biometric data for retinas, fingerprints, hands, face geometry and blood samples, are unique identifiers.
“Biometric identifiers are a key way to link together information about people,” such as discrete financial, medical and educational records, said Marc Rotenberg, the president of the Electronic Privacy Information Center, who isn’t involved in the case. Facebook has “cleverly got its users to improve the accuracy of its own database,” he said.