Sen. Franken lauds Apple response detailing Face ID security

Posted:
in iPhone edited October 2017
Shortly after Apple introduced iPhone X with Face ID biometric security in September, U.S. Senator Al Franken challenged CEO Tim Cook to address the technology's potential impact on consumer privacy. Apple has since responded in a letter detailing the system's built-in security features.




As the ranking Democrat on the Senate Judiciary Subcommittee on Privacy, Technology and the Law, Franken expressed concern over Apple's facial recognition solution in a letter last month.

Alongside routine questions regarding the basic operation of Face ID, and the underlying TrueDepth camera system, the senator sought clarification on Apple's method of data handling. User privacy is a key concern for technology companies, which often collect sensitive information in a bid to better serve customers.

Beyond consumer privacy, Franken questioned Apple over steps taken to protect against racial, gender and age bias.

In its response, penned by VP for Public Policy Cynthia Hogan, Apple explained Face ID confirms the presence of an attentive face (via gaze detection), projects and reads a depth map of a user's face and sends that information to the Secure Enclave for processing. Face ID data, which includes a mathematical representation of a user's face, is encrypted and never leaves the device.

Data sent to the Secure Enclave is not sent to Apple or included in device backups. Further, 2D face images and corresponding depth map information captured for normal unlock operations are immediately discarded once the mathematical representation is calculated for comparison against an enrolled Face ID profile, Apple said.

Hogan's letter goes on to reiterate information provided to the public last month in a press release, Face ID security white paper, an Apple Support Document and remarks made during the onstage presentation of iPhone X. Apple attached copies of the white paper and support document to its letter.

Franken on Monday issued a statement regarding Apple's response.

"All the time, we learn about and actually experience new technologies and innovations that, just a few years back, were difficult to even imagine," said Sen. Franken. "While these developments are often great for families, businesses, and our economy, they also raise important questions about how we protect what I believe are among the most pressing issues facing consumers: privacy and security. I appreciate Apple's willingness to engage with my office on these issues, and I'm glad to see the steps that the company has taken to address consumer privacy and security concerns."

Franken adds that he intends to follow up with Apple to glean more information about how the company plans to protect customer Face ID data. It is unclear what supplementary information Apple can provide, as the company has already published a wealth of knowledge relating to Face ID and the underlying TrueDepth camera technology to its website.

Apple's response in full:

«1

Comments

  • Reply 1 of 30
    MplsPMplsP Posts: 1,374member
    While I'm sure there was at least an element of political show with Franken's initial questioning, given the instances of hidden data sharing with other devices, his concerns and questions were reasonable to ask. In general, Apple has repeatedly shown themselves to be above average in  terms of data and consumer privacy. I'm glad they're continuing this track.
    tallest skilRacerhomieXmacky the mackydaven[Deleted User]jSnivelysdw2001anton zuykovlostkiwiicoco3
  • Reply 2 of 30
  • Reply 3 of 30
    sflocalsflocal Posts: 4,627member
    Well, Franken got his 5 minutes of fame.

    Hey AL... why the hell did you not question Samsung when they came out with their botched Facial Recognition feature?  Well?
    RacerhomieXcalijkichlineLordeHawkjbdragonanton zuykovlostkiwilollivertycho_macusercornchip
  • Reply 4 of 30
    sflocal said:
    Well, Franken got his 5 minutes of fame.

    Hey AL... why the hell did you not question Samsung when they came out with their botched Facial Recognition feature?  Well?
    5 minutes huh? Senator Smalley would disagree...


    stanthemanrussw
  • Reply 5 of 30
    SoliSoli Posts: 8,863member
    MplsP said:
    ...his concerns and questions were reasonable to ask.
    I'd agree if all that information hadn't just been detailed at the event which he could watch at any time with nice animations explaining how it works. I like Franken and I wish the letter had simply read:


    anantksundaramcalijkichlinecyberzombieradarthekatjbdragon[Deleted User]fotoformatindyfxanton zuykov
  • Reply 6 of 30
    MplsP said:
    While I'm sure there was at least an element of political show with Franken's initial questioning, given the instances of hidden data sharing with other devices, his concerns and questions were reasonable to ask. 
    Not really. It operates no different than the personal data utilized by Touch ID, and I saw no reason to believe otherwise. He asked all the same questions when that device launches. It was out of courtesy that Apple responded as they were under no obligation to humor the panickers. 
    jbdragonlolliverwatto_cobra
  • Reply 7 of 30
    jd_in_sbjd_in_sb Posts: 1,484member
    Apple was very clear about security during the presentation. Franken was just grandstanding for publicity.
    mike1jbdragonllamatycho_macuserwatto_cobra
  • Reply 8 of 30
    There is nothing wrong with Sen. Franken asking about a new technology. Plenty of tech companies introduce new products and services that create havoc — such as Facebook’s platform being used by Russians to manipulate the election, Uber’s multiple abuses, Google’s privacy infringements and Amazon’s (local) tax-dodging policies. Apple is a quality company run by people of character, and will do great when called to account.
    lostkiwichasmwatto_cobra
  • Reply 9 of 30
    fastasleepfastasleep Posts: 2,869member
    Any time a member of the US Congress exhibits genuine curiosity about how a technology actually works, we should breathe a sigh of relief. Sometimes it feels like our country is run by a bunch of Ted “The Internet is a Series of Tubes” Stevenses. 
    SolijSnivelyking editor the graterusswmacguilostkiwichasm
  • Reply 10 of 30
    anomeanome Posts: 1,272member

    There is another reason that Franken might have asked the question, even if he "watched the video", or just assumed it worked the same way as TouchID.

    It's now in the official records of the committee. You can't underestimate the importance of having that letter and the attachments on file.

    benji888larryarusswcharlesatlaslostkiwichasmjony0
  • Reply 11 of 30
    SoliSoli Posts: 8,863member
    Any time a member of the US Congress exhibits genuine curiosity about how a technology actually works, we should breathe a sigh of relief.
    anome said:

    There is another reason that Franken might have asked the question, even if he "watched the video", or just assumed it worked the same way as TouchID.

    It's now in the official records of the committee. You can't underestimate the importance of having that letter and the attachments on file.

    I concede to both of these points.
    llamamacguiNotsofastlostkiwiRayz2016
  • Reply 12 of 30
    For me, personaly , face id is more than a welcome feature since touch id is nothing more than a pain with someonw with sweaty hand and fingers.. which prevents it from working 80% if the time.
  • Reply 13 of 30
    netroxnetrox Posts: 740member
    First, I have stocks in Apple and I would ask the same question. I want to know if my Apple products are secure. Second, politicians are just asking for public information to help us know what their concerns are and how their concerns are addressed. So, what's the problem?
  • Reply 14 of 30
    SoliSoli Posts: 8,863member
    netrox said:
    First, I have stocks in Apple and I would ask the same question. I want to know if my Apple products are secure. Second, politicians are just asking for public information to help us know what their concerns are and how their concerns are addressed. So, what's the problem?
    When you've carefully planned and tested a security feature, and then prepared a detailed explanation of said security feature with links on your website again detailing the information, but then are immediately questioned about the security of the feature you just detailed, then it's fucking annoying. It's not like Phil Schiller talks like the restaurant manager on this week's Curb Your Enthusiasm, it's closer to Franken asking "You mean like out the toilet?"
  • Reply 15 of 30
    It’s a reasonable position that many people who use hi tech gear really don’t understand what is going on inside the device. It is reasonable for the Senator to have asked questions about security. Apple reiterated in pretty simple language how their systems work. I see no problem here.
  • Reply 16 of 30
    For me, personaly , face id is more than a welcome feature since touch id is nothing more than a pain with someonw with sweaty hand and fingers.. which prevents it from working 80% if the time.
    zero worries about security..

    edited October 2017
  • Reply 17 of 30
    sdw2001sdw2001 Posts: 17,036member
    Well, Stuart Smalley is happy, so I feel better now.  


    Said no one, ever.  
  • Reply 18 of 30
    wigbywigby Posts: 689member
    sflocal said:
    Well, Franken got his 5 minutes of fame.

    Hey AL... why the hell did you not question Samsung when they came out with their botched Facial Recognition feature?  Well?
    Samsung is not a U.S. company. I guess he could've questioned them too but then what?
    edited October 2017 watto_cobra
  • Reply 19 of 30
    wigbywigby Posts: 689member

    Soli said:
    netrox said:
    First, I have stocks in Apple and I would ask the same question. I want to know if my Apple products are secure. Second, politicians are just asking for public information to help us know what their concerns are and how their concerns are addressed. So, what's the problem?
    When you've carefully planned and tested a security feature, and then prepared a detailed explanation of said security feature with links on your website again detailing the information, but then are immediately questioned about the security of the feature you just detailed, then it's fucking annoying. It's not like Phil Schiller talks like the restaurant manager on this week's Curb Your Enthusiasm, it's closer to Franken asking "You mean like out the toilet?"
    So you think it's adequate enough for politicians and decision makers to simply watch a keynote and look over some marketing material to help secure this country and its citizens? I don't think anyone's minds were blown here but I'm still glad the senator took the time to formally ask some questions in a public forum.
    Notsofast
  • Reply 20 of 30
    There is nothing wrong with Sen. Franken asking about a new technology. Plenty of tech companies introduce new products and services that create havoc — such as Facebook’s platform being used by Russians to manipulate the election, Uber’s multiple abuses, Google’s privacy infringements and Amazon’s (local) tax-dodging policies. Apple is a quality company run by people of character, and will do great when called to account.
    How can one use Facebook to manipulate elections, if Facebook has nothing to do with the voting process? Did you mean, manipulate public opinion? But then all MSM need to be accused too.
    edited October 2017 SpamSandwichmobird
Sign In or Register to comment.