Privacy

iPhone X: A Privacy Hazard?

privacy hazardThere’s been a lot of hype around the new iPhone X for obvious reasons. I admit it – I’m captivated by all the ‘cool’ stuff – but then I start to think through it all…

The phone boasts a series of exciting new features including an edge-to-edge OLED screen, a powerful front facing camera and, perhaps receiving the most hype of all, Face ID. How cool does that sound? It immediately makes me think of all the futuristic movies I love. This has to be the coolest thing ever – right? Well, Face ID is a facial scanner that will replace Apple’s Touch ID, allowing people to unlock their iPhone with their face. Hmmm. Sounds simple and convenient but it also has many privacy experts concerned. In fact, Apple’s embrace of facial recognition opens a whole can of worms over security, the idea of people’s faces as their password and where this technology may take us.

The first question we need to ask when thinking about this technology is: does it really work? Predecessors to the iPhone X’s Face ID technology have faced security issues. It appears that previous attempts have been easily – well tricked. A facial unlock feature by Samsung could be unlocked by a photo. Another Android Face Unlock that required the phone owner to blink could be tricked by crudely photoshopping a photo so that the person’s eyes were closed and showing the phone first the original photo and then the photoshopped photo. Apple however claims that Face ID cannot be fooled by photos or face masks. But I have a bigger question – what if the person is sleeping or deceased—can it be unlocked then? Bottom line, we have yet to see whether Face ID will hold up against attempts to trick it, which although I still think this is cool, it is a bit unsettling to say the least.

Face ID raises yet another privacy issue—the phone owner is saving his/her facial image to use as their password. So, who has access to that facial image? Apple has a strong record in privacy and has noted that a person’s Face ID is stored only on the iPhone and is not shared with Apple. That however does not completely address the question. What about banks and other companies that might use Face ID for transactions? Where is the guarantee that they will not capture the user’s face—which is essentially functioning as their password? How can this be prohibited?

And then there’s the bit where in order for Face ID to work, at least some of iPhone X’s sensors must always be on. This requirement could allow for users to be spied on, for their faces to be scanned for emotion to see how they are reacting to different content. Facebook already targets advertisements to people based on what they know about them—imagine how companies could take advantage of seeing firsthand how people engage with the material on their phone. Ugh – I couldn’t take it.

Finally, the biggest issue with Apple embracing this kind of technology is that others will follow. Apple may take all security measures necessary to keep this technology secure and protect clients, but that doesn’t mean other companies will do the same. Face ID is a privacy concern because It could be used to spy on people, to hijack their identities or control them. There are already cases where in China, facial recognition was used by police to identify and shame jaywalkers. While in Russia, it’s been used to identify anti-corruption protesters.

All of this feeds into a wider issue—the disappearance of privacy for the sake of convenience. Privacy is no longer the default, it’s become something people need to be proactive about in order to ensure they maintain any resemblance of it for the future. Privacy should not be considered a luxury, although many do not prioritize it as they should.

Although cool, some of these features may be better left unused. I may even put off my upgrade for a bit, just to see how things mature… To avoid privacy issues on your iPhone, it’s recommended that you use a passcode in lieu of Touch ID or the upcoming Face ID. People should also be careful about which mediums they communicate on—Facebook, Email or SMS are typically not secure. Make sure to take the necessary steps to protect your privacy and security—something Vaporstream is heavily focused on. Learn more about Vaporstream here.

Contributor: Kristi Perdue Hinkle