Data Backup Digest

The popular social networking site Facebook has seen its fair share of controversy over its relatively short lifespan to date, but their latest obstacle comes in the form of a lawsuit over the site’s “tag suggestion” functionality. Led by Illinois-based plaintiff Carlo Licata, the lawsuit cites a violation of the Illinois Biometric Information Privacy Act, which was enacted throughout the state in 2008.

What Is Tag Suggestion?

While some users see Facebook’s “tag suggestion” feature as an incredibly useful and timesaving device, it’s easy to see where it may warrant some privacy concerns. Under the current setting, Facebook automatically prompts you to tag specific friends who appear in your newly uploaded photos. This is accomplished through Facebook’s highly advanced facial recognition protocol, which was originally introduced to the social media site in 2010.

Moreover, the development of DeepFace technology, which came in 2014, bolstered the accuracy of Facebook’s facial recognition software even further. While working in tandem with DeepFace, Facebook is able to achieve an accuracy rate of more than 97% when identifying the faces of other Facebook users who appear in your uploaded pictures.

Illinois Biometric Information Privacy Act

As mentioned earlier, the leading plaintiff of the new lawsuit is claiming that Facebook is in direct violation of the Illinois Biometric Information Privacy Act of 2008. Not only does the act state that all organizations must obtain written permission before collecting any biometric data, but it also mandates that such companies inform their customers regarding the long-term storage data of such data.
Per the lawsuit filed by Carlo Licata, Facebook never asked his permission before collecting his biometric data - specifically that of his own face. Furthermore, Facebook has neither informed Licata of how long his information will be stored nor given him the chance to opt out of the feature.

In fact, opting out of the feature at this point wouldn’t remove the data that has been previously stored. Since Licata has been a user of Facebook since 2009, they’ve had plenty of time to gather and archive his biometric data, and they’ve been doing so in violation of the Illinois Biometric Information Privacy Act of 2008.

Carlo Licata is not alone in his concern about Facebook’s usage and storage of their users’ biometric data. Facebook previously had an issue with regulators in Europe, who forced a temporary shutdown of the site until full compliance could be achieved. Facebook has since been re-implemented throughout European markets.

The Federal Trade Commission also cited privacy concerns in a 2011 study, where they were quoted as saying: “Once exposed, a victim has no recourse to prevent becoming victim to misconduct like identity theft and unauthorized tracking.”

According to Roger Sherman, Facebook’s own privacy and public policy manager, the software is safe from the prying eyes of hackers and would-be identity thieves.

Since Facebook has not posted a public statement about the lawsuit, it’s hard to draw any potential conclusions. Licata was quoted as saying that he hopes his lawsuit will “put a stop to its surreptitious collection, use and storage” of such biometric information.