Privacy watchdog probes Facebook facial recognition

Privacy watchdog probes Facebook facial recognition

Summary: The Information Commissioner's Office is talking to Facebook about its new facial recognition technology, which suggests name tags for people's photos

TOPICS: Security

The Information Commissioner's Office is looking into possible privacy issues with Facebook's rollout of facial recognition technology, which came to light on Tuesday.

Facebook facial recognition feature

The Information Commissioner's Office is to look into Facebook's new facial recognition software, which attempts to match images to users' faces. Photo credit: Facebook

The UK data protection authority is talking to the social-networking company about its facial recognition technology, which scans photos uploaded to its site, attempts to match them to Facebook friends and then suggests usernames with which to tag the images. Facebook enables this feature by default, meaning that people must change their account settings if they do not want to be identified.

Read this

Schneier: Facebook kills privacy for profit

Social-networking sites such as Facebook are eroding privacy to sell content to advertisers, according to BT chief security technology officer Bruce Schneier

Read more+

"As with any new technology, we would expect Facebook to be upfront about how people's personal information is being used," said the Information Commissioner's Office (ICO) in a statement on Thursday. "The privacy issues that this new software might raise are obvious, and users should be given as much information as possible to give them the opportunity to make an informed choice about whether they wish to use it. We are speaking to Facebook about the privacy implications of this technology."

The potential issue is whether Facebook should have explicitly informed users about the addition of the feature. Its rollout has been going on outside the US "for the last several months" without customer notification that default settings had been activated, Facebook said in a post to its blog on Tuesday.

"We're talking to Facebook to see how the software was put into play, and whether privacy implications were taken into account," an ICO spokesman told ZDNet UK.

European watchdogs

The issue will be raised in a meeting of the European privacy regulators who form the Article 29 Working Party, but no official action has been initiated, the European Data Protection Supervisor (EDPS) said on Thursday.

"The Working Party is not officially following the issue, but the technology subgroup of the Working Party will in any case be informed," said a spokeswoman for the EDPS, which oversees European data privacy.

Social-network sites should offer privacy-friendly default settings that do not allow any access to user's profile content without specific consent.

– Dutch Data Protection Authority

The Dutch Data Protection Authority (College Bescherming Persoonsgegevens), which currently chairs the Article 29 Working Party, declined to comment specifically on the case, but noted that there are general guidelines for such situations.

"Social-network sites should offer privacy-friendly default settings that do not allow any access to user's profile content without specific consent that is beyond their self-selected contacts in order to reduce the risk of unlawful processing by third parties," said a spokeswoman for the data protection authority.

Facebook on Thursday acknowledged the ICO probe and the interest from European regulators, but said it did not believe its implementation of facial recognition had any privacy implications.

"We have heard the comments from some regulators about this product feature, and we are providing them with additional information which we are confident will satisfy any concerns they will have," Facebook said in statement.

ZDNet UK understands that Facebook's position is that it is not being investigated and that it informed privacy regulators in Europe of its facial recognition technology in December, when it introduced the tool in the US.

Facebook should have been 'more clear'

Facebook has already acknowledged that it should have been "more clear" about the rollout, which has been almost global.

"When we announced this feature last December, we explained that we would test it, listen to feedback and iterate before rolling it out more broadly," said Facebook in a statement on Tuesday. "We should have been more clear with people during the rollout process when this became available to them. Tag Suggestions are now available in most countries, and we'll post further updates to our blog over time."

At present, the European Commission is examining potential changes to European data protection laws. On Thursday, the European Commission said it is not looking into Facebook facial recognition, but that new uses of social-networking technology would inform its overhaul of European data protection laws.

"It's too early to say what kind of effect [the facial recognition] will have," justice commissioner spokesman Matthew Newman told ZDNet UK. "Facebook has already backtracked and apologised. We take into account all new technologies since 1995. We need to modernise the rules."

Newman said that customers are very often not informed of new services on social-networking sites, and that often it is not clear how data is used. "Transparency is going to be a big part of the reforms," he said.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.

Topic: Security

Tom Espiner

About Tom Espiner

Tom is a technology reporter for He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Great post revealing one of Facebooks biggest problem; the fact that they are not transparent. I came across your post from this blog about Google+, which suggests that Google+ could overtake facebook mainly because Google is far more trusted and transparent. I like facebook but I do feel that the continual privacy issues they have is shocking considering they are such a big brand.
  • blog i mentioned above found here;