Facebook's face recognition raises privacy complaints
This article is also available in:
Deutsch: Besorgnis über Facebooks Gesichtserkennung
Facebook has again been criticised by privacy advocates for its facial recognition feature that has recently been added to the social networking service, world-wide, without any previous announcement to its users.
Facebook users have the possibility to 'tag' themselves and their friends in the photos they upload to the site with pop-up captions that identify the people in the respective pictures. The new face recognition feature, which was launched in 2010 in US, now suggests automatically the names of people featured in photos uploaded by users.
"Once again, Facebook seems to be sharing personal information by default," said Graham Cluley of IT security firm Sophos who added: "Many people feel distinctly uncomfortable about a site like Facebook learning what they look like, and using that information without their permission. (...) Most Facebook users still don't know how to set their privacy options safely, finding the whole system confusing. It's even harder though to keep control when Facebook changes the settings without your knowledge. (...) The onus should not be on Facebook users having to 'opt-out' of the facial recognition feature, but instead on users having to 'opt-in'. Yet again, it feels like Facebook is eroding the online privacy of its users by stealth."
Facebook replied that the users could alter their settings so that their name would not be suggested for tagging. Beth Givens, director of the Privacy Rights Clearinghouse, considered that Facebook should have rather included an "opt-in" system for its users rather than applying an automatic tagging, letting them decide if they wanted the feature in the first place.
The Electronic Privacy International Center (EPIC) has organised a complaint to the Federal Trade Commission in the US and asked several other privacy groups to sign it. Marc Rotenberg, president of EPIC, said the system raised questions related to personally identifiable information, such as email addresses, that would be associated with the photos in Facebook's database.
The UK Data Protection Authority (Information Commissioner's Office - ICO) also made an official statement on the matter asking Facebook to tell users how they use personal information stored about them. "The privacy issues that this new software might raise are obvious and users should be given as much information as possible to give them the opportunity to make an informed choice about whether they wish to use it. We are speaking to Facebook about the privacy implications of this technology," the ICO said. Facebook's new feature will be studied by ICO, but also by the Article 29 Working Party.
"Tags of people on pictures should only happen based on people's prior consent and it can't be activated by default," said Gérard Lommel, a Luxembourg member of the Working Party who added that automatic tagging suggestions "can bear a lot of risks for users" and the European data protection officials would "clarify to Facebook that this can't happen like this."
Having in view the reactions, Facebook admitted it had not handled the situation properly. "We should have been more clear with people during the roll-out process when this became available to them," was the company statement of 8 June. The company has added an option letting users opt out of the new feature, though it did not alert them when the new feature took effect or when the option was added.
Facebook hit by privacy complaints (9.06.2011)
Data protection watchdogs to probe Facebook about its use of facial
recognition technology (9.06.2011)
Facebook 'Face Recognition' Feature Draws Privacy Scrutiny (8.06.2011)
Facebook criticised for not telling users about new facial recognition
Facebook in new privacy row over facial recognition feature (8.06.2011)