No one forces you to buy iPhones, unlike Aadhaar. But if you do, there might be cause for worry.
Published Sep 14, 2017 · 10:30 am
A rather common argument from people who would rather dismiss the privacy concerns over India’s biometric identity project, Aadhaar, is to point out how many willingly give their biometrics to other entities like their companies, foreign embassies or internet behemoths like Apple and Google. On Wednesday, when Apple unveiled the new iPhone X with its new FaceID feature, which allows you to unlock the phone simply by looking at it, the same questions came up: All those activists who complain about Aadhaar intruding on privacy, will they criticise Apple too?
The short answer is: Yes. There are many privacy concerns about Apple’s new technology, similar to questions raised about other uses of facial recognition especially as a way to unlock protected data. Some of these have to do with whether authorities can force you to unlock your phone by simply making you look at it. Others have to do with how securely the data about your face is kept and who has access to it. An entirely new question, consider Apple’s massive influence over smartphone design, is the iPhone X’s power to normalise always-on facial recognition without safeguards, a deeply disconcerting proposition.
What is the iPhone X’s FaceID?
The new $1,000 iPhone comes with a brand new set of sensors that will allow you to unlock your phone without having to touch it. All you have to do is look at it, and it will be unlocked. Look away, and it will be locked again. Apple says FaceID uses the front-facing camera and a host of sensors to create a 3D map of your face, that must then be matched for the phone to be unlocked.
The company took special efforts to insist that FaceID accounts for depth, so you cannot just use a photo of someone, and active attention, so a sleeping or unconscious person’s face cannot be used to unlock the phone. Whether it is as robust as the company claims remains to be seen, especially considering earlier attempts at the technology have been fooled by simple photoshopping.
Why is it not like Aadhaar?
The obvious answer, but one that bears repetition, is consent. Despite all claims from the government about India’s 12-digit unique identity project being voluntary, it has been forced on millions of people and of late, the state has dispensed even with the fiction of it being voluntary. It is now officially mandatory for certain services, even though the project is being challenged for violating the fundamental right to privacy in the Supreme Court.
Can say: Won't buy iPhone, because privacy.
Can't say: Won't get Aadhaar, because privacy.
Can't say: Won't get Aadhaar, because privacy.
An iPhone is not mandatory. No one is being forced to buy them. Over and above that, the use of FaceID on an iPhone is also not mandatory. Users who would prefer the much more secure route of a complex password can still do so.
There are a few additional safeguards that distinguish the two.
Apple – and Google’s Android since version 6.0 – claims that data about users faces, as with fingerprint data from its earlier TouchID system, will be stored in a “Secure Enclave” on the phone. This means the 3D face map generated by the phone is not uploaded to the cloud or Apple servers, where it might be leaked or retrieved by hackers. All the processing takes place on the phone itself. Aadhaar, however, is premised on the idea of a massive database that holds the biometric information of all Indian residents, which can then be accessed by any number of government services and private companies as well as seeded with other databases.
Guys, Apple has clarified that the facial data doesn't leave your phone. A lot of people will trust Apple more than the govt. Fair enough.
Additionally, there is no workaround for Aadhaar. If someone else gets your biometric information – like fingerprint data – it takes a lengthy and not fully understood process to prevent illicit activity using your Aadhaar. Apple lets you turn off both FaceID and TouchID and has now even made it simple, by letting you tap the power button five times as an SOS that turns off those features. So even if, say, a criminal or a police office were forcing you to unlock your phone with a fingerprint or your face, you could turn the function off.
Are there still privacy concerns with FaceID?
Yes. There are many. Just because it is not mandatory like Aadhaar does not mean privacy activists recommend you go out and get an iPhoneX with FaceID now.
The main question is how easily the technology can be fooled. Samsung’s facial recognition could be cracked with a photo. An Android feature that required you to blink before it unlocked was fooled with simple photoshop. And others have pointed out the potential for criminals or the police to use masks or even force someone to look at their phone as a means of unlocking it. Apple seems to have kept some of this in mind, but until the technology is tried out in the real world, we will not know how well it works.
Maintaining password security is one thing, but how on earth are you supposed to go about protecting your face?
But there may be a broader fear here that goes beyond just getting into your iPhone. By its very nature, for facial recognition to be seamless it has to be on all the time. That means your phone is constantly scanning everything in front of it at any given moment. This alone raises some privacy concerns, until you think about the second order problem. Apple has said that the 3D face mapping technology will also be used for other apps, like creating emojis that mimic your face.
Will that mean other apps, like the data-hungry Google and Facebook, will be able to scan your face while your are using your phone? Faces contain a huge amount of information, and facial expressions are even more valuable. Would Facebook be able to tell if you smiled at something, and were distracted by something else? Faces reveal age, ethnicity, emotional state and, according to some research, even sexual orientation. What happens when Apple and other apps have access to this information?
#FaceID
Good: Design looks surprisingly robust, already has a panic disable.
Bad: Normalizes facial scanning, a tech certain to be abused.
Good: Design looks surprisingly robust, already has a panic disable.
Bad: Normalizes facial scanning, a tech certain to be abused.
The follow-up question may be even more pertinent to India. Apple, thanks to the huge popularity of the iPhone, sets the tone for smartphone design globally. This means that, though others have experimented with facial recognition, it is now much more likely that other phone makers will follow suit. Because of the iPhone’s massive reach, it also gets a lot of scrutiny, and so its security provisions are carefully documented and understood.
In a country where Apple is just a niche player, however, the proliferation of facial recognition technology could compound the privacy concerns by a huge factor. Another phone maker, HTC, was for example found to be saving fingerprint data in unencrypted, uncompressed and unprotected files that could easily be accessed by any app. Although Google, the operating system that really matters in the Indian context, has improved its security architecture, it is the phone makers that will have to be trusted. Never mind the willingness to do so, will they even have the capability or – in the case of Chinese manufacturers – freedom to build systems that cannot be breached by the government or hackers?
We welcome your comments at letters@scroll.in.
