Facebook Faces Lawsuit Over Biometrics.
A new class action suit against Facebook alleges that the social media giant has assembled the worlds largest collection of facial recognition data in the world, and is using in violation of the law.
The issues of privacy appear clear: Why do they need to collect biometric information and how is it used. Consider that Facebook, or any other enterprise, would only collect such data if they could monitize it.
The questions are:
- Why do they need this data?
- How will they sell this data?
- Who will they sell it to?
- Is the data in violation of copyright law, who owns the photographs used?
- How will the data be tracked after it is sold?
- What recourse does a parent have if their child’s biometrics?
- What redress do users have if the data is sold or stolen and misused?
But even more troubling is what we all know. Facebook is not secure. A simple search returns 98 Million Google results for hacking Facebook. That is worrisome.
Everyone should be concerned about how Facebook will secure user’s data and what liability they have if the data is stolen.
The lawsuit also states that in 2011 the FTC was concerned about a “third party maliciously breaching a database of biometric information,” and that “once exposed, a victim has no recourse to prevent becoming victim to misconduct like identity theft and unauthorized tracking.”
What do you think?
The real question, the unifying theory of cyber security, is why don’t we just eliminate the password all together? The password is the weakest link.
Coming soon… BPID password-free authentication.
Paul Swengler is the CEO and principal of Bulletproof ID a password-free authentication system. He can be reached through www.bpidsecurity.com