Face off: The next big digital privacy scandal

Tom Gillingham

Facebook is still reeling from the Cambridge Analytica revelations and, against this backdrop of intense scrutiny, the rise of facial recognition software seems like a digital privacy time bomb waiting to explode.

There may be further twists as the world’s largest social network desperately tries to wrestle back control of its corporate narrative, but the next big privacy scandal could literally be staring us in the face.

Facial recognition is one of the fastest-growing technologies in the world with a huge number of applications, but it also has almost limitless potential to trigger communications crises for companies in this space.

The technology is already unlocking iPhones in California, and locking up criminals in Zhangshu – evidence of its exploding global use.

Despite its recent travails, Facebook is apparently shrugging off Cambridge Analytica-related reputation and trust issues by ploughing on with its plans for the rollout of facial recognition technology in Canada and Europe .

And, on the subject of Europe, facial recognition technology is now being talked about in the same breath as Brexit. The Government-backed start up called Iproov is already touting its software as part of a potential solution to the UK/Ireland border issue post-Brexit.

As this technology becomes more commonplace in the public and private sectors, there appear to be two potential triggers for a face-based privacy crisis.


A significant public backlash that could pose a profound reputational risk to companies using the technology

The first is the risks around the storage and usage of this sensitive information. Facebook’s latest proposals include allocating every user an ID number, linked to their facial details. They’re not alone on this front either – if you’ve installed a recent update on your iPhone you’ll see it’s automatically collating a group of the most photographed faces from your camera roll and Google photos has had this capability since 2015.

When the first major breach relating to facial data occurs, there is likely to be a significant public backlash that could pose a profound reputational risk to companies using the technology.

Apple has gone to great lengths to reassure users that their data is encrypted on their device – but this policy quickly gets woollier when it comes to sharing with third party apps. This line of defence simply isn’t feasible for companies like Facebook and Google that require a user to store this information online, however.

The second trigger is the implications for personal reputation. It’s not hard to imagine a scenario where a public figure is automatically identified or even worse, misidentified, in a previously unseen video, with significant repercussions. Or what about prospective employers running facial recognition programmes on applicants to weed out any past indiscretions?

While these scenarios are deliberately alarmist, the use of facial data is particularly intrusive. And, short of adopting some pretty outlandish hairstyles, there isn’t much the average person can do to prevent this information being harvested.

Companies investing in this technology, and collecting this sort of data must therefore understand the powerful backlash that will occur if information gathered via facial recognition software is perceived to be misused or, worse, falls into the wrong hands. It is the undeniably human element of this particular data that means a facial recognition privacy scandal will be far bigger and more fundamentally damaging than those that have gone before.