What's Really Up With Apple Giving Face Data To Developers?

App developers can access more robust data about your face and the expressions you make with iPhone X, raising concerns from privacy advocates who worry that this sensitive facial data will end up in the hands of advertisers.

Phil Schiller, Apple's senior vice president of worldwide marketing, announces features of the new iPhone X, including Face ID. (Photo: AP)

According to its developer agreement, Apple will grant access to face data if the app maker seeks user permission before using it and agrees not to use the data for marketing or share it with advertisers. The details of the developer agreement were first reported by Reuters; Gizmodo later reviewed a copy of the agreement and confirmed the details.

However, this doesn't mean that Apple is cracking open Face ID and sharing its data with anyone who decides to build an app - Face ID compiles rich details about your face using several sensors and cameras on the front of the iPhone X, and that data never leaves your device. The face data that is being shared with developers comes from ARKit, Apple's suite of tools for augmented reality, and relies only on camera input. Earlier reports have conflated the two systems, but they're distinct and rely on different inputs.

ARKit will get heavy use from developers such as Snapchat, which will use it to make hyper-realistic selfie filters that track closely to a user's facial features. To use this kind of data, app developers need to create a privacy policy and get users' consent.

Make no mistake, ARKit will provide lots of juicy data about your face as you mug for the camera. In a presentation, Apple's game technologies evangelist Allan Schaffer explained that ARKit uses data from iPhone X's front-facing camera to make a 3D "mesh" of your face that's capable of real-time tracking.

But this is different from the data used in Face ID, and isn't powerful enough to unlock your phone. In fact, Apple's developer agreement expressly forbids app developers from using ARKit data to create their own authentication tools. "You may not use Face Data for authentication, advertising, or marketing purposes, or to otherwise target an end-user in a similar manner," the agreement reads.

Still, privacy advocates are concerned that app developers won't read through the entire 77-page agreement and therefore won't be aware of what their obligations are when it comes to protecting face data. Apple enforces the agreement by booting developers who don't comply from the App Store, but it isn't a perfect system - as Reuters noted, apps don't go through a full code review before launching on the App Store and Apple relies instead on spot checks and user reports to detect sketchy behaviour.

However, given all the hype and scrutiny around the launch of Face ID, Apple will likely be taking a closer look at apps that use facial data. If you're concerned about ending up in an advertiser's facial recognition database, check out an app's privacy policy before you start using its AR features, and consider whether the developer is a trusted company that won't sell off its map of your face - or a sketchy business that might sell you out for a quick buck.

WATCH MORE: Tech News


Comments

    It’s an unusual situation.

    Apple regularly touts its view on user and device security, yet every time some new feature or tech is added, some people jump on the “oh no, Apple has blah blah blah” and then half of the people get on their high horses complaining about “Apple’s relaxed view towards your security and privacy blah blah blah”, and around and round we go.

    I don’t know if it’s every tech writers MO to propagate everything that is written by any other tech writer/blogger/youtuber etc, but it really should stop.

      Apple although usually not the first to develop the technology is usually the first to bring it to mass markets. So makes sense they usually cop the knee jerk reactions for everything.

    Noooooooo... really?

    I don't think anyone is surprised to see this coming

      See what coming?

      The article literally explains that people have a misconception about the data being shared with devs.

    It's not.

    It's giving access to the camera, and the TrueDepth sensor, for AR.

    I don't think anyone is surprised to see this coming.

Join the discussion!

Trending Stories Right Now