Franken, ranking member of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, in a letter (PDF link) to Cook on Wednesday asked a number of questions related to Apple’s implementation of Face ID. For example, Franken requests information on how the system was created, how its supporting data structure is handled, what assurances are being made as to the protection of user data and the system’s overall efficacy, among other pointed queries.
“While details on the device and its reliance on facial recognition technology are still emerging, I am encouraged by the steps that Apple states it has taken to implement the system responsibly,” Franken writes. “However, substantial questions remain about how Face ID will impact iPhone users’ privacy and security, and whether the technology will perform equally well on different groups of people. To offer clarity to the millions of Americans who use your products, I ask that you provide more information on how the company has processed these issues internally, as well as any additional steps that it intends to take to protect its users.”
Exclusive to iPhone X, Face ID employs cutting edge technology to scan a user’s face with pinpoint precision, allowing the system to stand in as a replacement for Apple’s years-old Touch ID fingerprint recognition technology.
Part of the TrueDepth camera system, Face ID employs a dot projector, infrared camera and flood illuminator, along with neural network A11 Bionic SoC to collect depth map and image data of a user’s face. Using this information, the A11 SoC creates a mathematical model the target face using an onboard neural network, data that is subsequently sent to a secure enclave for matching. Touch ID employs a similar method, minus the neural network.
Franken’s first question touches on user privacy, which for years has been a hot-button topic for Silicon Valley hardware and software services firms that collect sensitive user data. Specifically, Franken asks whether Face ID “faceprint” data is stored onboard iPhone X, if this information can be extracted from the device and whether Apple plans to store the data on offsite servers. Another question asks what safeguards has Apple built into the system to prevent nefarious actors from unlocking iPhone X by simply holding it up to an owner’s face.
At least some answers have already been provided by Apple in a press release on Tuesday that states, “All saved facial information is protected by the secure enclave to keep data extremely secure, while all of the processing is done on-device and not in the cloud to protect user privacy. Face ID only unlocks iPhone X when customers look at it and is designed to prevent spoofing by photos or masks.”
During Tuesday’s presentation, Apple executive Phil Schiller said engineers worked with thousands of people to generate “a billion images” with which to train Face ID’s neural network. Franken asks Cook where the billion images originated and how . Schiller also noted the system is designed to protect against potential spoofing via 2D photograph, adding that engineers worked with Hollywood prop makers to ensure Face ID can’t be tricked by masks. Franken asks for more information regarding the process.
Quizically, one of Franken’s questions asks, “What steps did Apple take to ensure its system was trained on a diverse set of faces, in terms of race, gender, and age? How is Apple protecting against racial, gender, or age bias in Face ID?”
Considering the system works using digital representations of a human face, essentially 3D modeling, questions regarding race, gender and age are nonstarters.
Other concerns raised in the letter include sharing faceprint information with outside parties, in particular third-party apps or other commercial parties. Franken also requests information as to whether Face ID is “always on,” or perpetually searching for faces to scan, and if the system captures and stores raw photos of faces that attempt to unlock a phone.
Finally, Franken asks Cook how Apple will respond to law enforcement requests to access faceprint data or the Face ID system itself. Apple in the past has been reluctant to share such information, and has been especially protective of hardware security technology. Last year, for example, Apple sparked a contentious debate over encryption when it refused to comply with a court order demanding the company build a workaround to security protocols safeguarding an iPhone used by a suspect in the San Bernardino terror attacks.
Franken asks that Cook reply to the letter by Oct. 13.