After Demanding Nudes, Facebook Comes Up with Another Creepy Security “Feature”
After creating concerns over possibly demanding users for nude photos to protect them against anyone else uploading their pictures, Facebook is at it again. The company repeatedly fails to understand privacy boundaries and has started to act like some government intelligence agency that is obsessed with surveillance and data collection. In the latest of such Orwellian actions, the social networking giant has started to demand users upload their photos “that clearly shows your face” or risk getting locked out of their accounts.
While Google, Microsoft and Apple remain at the center of much of the telemetry and data collection fears, Facebook is possibly leaving every other tech company behind with its ambitions. Just like one particular intelligence agency, Facebook too sells these features by using the terms “security” and “protection”. Purportedly fighting the Russian propaganda (ain’t it too late for that?) and increasing problem of bots, the company has now found yet another excuse to amass more data.
In its defense, Facebook does say that it will delete the picture as soon as it’s uploaded and verified. But, who is going to take the company’s word for it?
a friend sent me this: Facebook is now locking users out of account features, then demanding that those users "verify" their account to get back in by scanning an image of their face. AN IMAGE OF THEIR FACE. pic.twitter.com/T4TIsJFxX8
— can Amy Goodman pls stop inviting Assange on thx (@flexlibris) November 28, 2017
What is this latest Facebook drama all about?
When Apple introduced Face ID with its latest iPhone X, many privacy and security advocates warned that the company may have just ushered us into an era where people won’t think twice about logging in with (or getting verified by) their images. Following Apple, Facebook is already at it, but while Face ID remains an optional feature, Facebook could potentially impose this feature on users to get access to their accounts.
Earlier today some users reported seeing a notification from the social networking site that asked them to “upload a photo of yourself that clearly shows your face” to prove that the user is not a bot. The company is reportedly replacing captcha with a real person’s picture to verify they are indeed humans. The activity goes back to several months but doesn’t appear to have been mass implemented yet.
“Please upload a photo of yourself that clearly shows your face. We’ll check it and then permanently delete it from our servers.”
One tweet showed that a user was locked out of their account and received a message that they will only be able to get in once their photo has been reviewed.
“You Can’t Log In Right Now. We’ll get in touch with you after we’ve reviewed your photo. You’ll now be logged out of Facebook as a security precaution.”
The company says that the photo test will help it “catch suspicious activity at various points of interaction on the site, including creating an account, sending Friend requests, setting up ads payments, and creating or editing ads”.
In a statement to the media, Facebook added that it’s testing the feature for their “abuse-fighting team” to catch suspicious activity. While there are obvious security concerns with this approach, the company also fails to realize that much of the account abuse happens through known contacts who might just have our pictures anyway.
“After all, the very people you might most want to guard your account against, such as ex-boyfriends or girlfriends, grudge-bearing colleagues, and so on – are the same people who might very well have their own, unique, clear photos of you handy on their phones from the days before the relationship went sour,” security expert Paul Ducklin told HuffPo.
Another problem flagged by affected users suggests that the company also rejects photos uploaded by the users and keeps them logged out despite multiple attempts at sharing different photos.
This is the second time in a month now that Facebook has demanded user photos as a solution to fix issues on its platform. After asking for nude photos to tackle revenge porn to demanding private photos to keep bots at bay, the company might as well just introduce its own facial recognition system for login and verification processes. While the issues are real and nobody wants to use a platform infested with security problems, the network needs to come up with better solutions that don’t take away even more pieces of what is left of our privacy online.