NSA Leaker Edward Snowden: Apple Face Data Will Be 'Abused'

A chair is pictured on stage as former U.S. National Security Agency contractor Edward Snowden is awarded the Bjornson prize in Molde, Norway September 5, 2015. REUTERS

Edward Snowden, who knows something about cybersecurity and information privacy, criticized one feature of the new iPhone X on Tuesday, saying Apple's facial recognition software is "certain to be abused."

Good: Design looks surprisingly robust, already has a panic disable.
Bad: Normalizes facial scanning, a tech certain to be abused.

— Edward Snowden (@Snowden) September 12, 2017

Snowden was referring to Apple's announcement on Tuesday that the new devices would collect "face data" as part of a scanning feature that allows users to unlock their phones and even pay for things by glancing at their screens.

The company said it was highly unlikely another person could breach a user's facial lock system, and that its technology could differentiate between actual faces and pictures of faces or even masks and sculptures. And the company said the data remains on the device, safe from other apps.

But Snowden suggested that there's a bigger issue involved.

The "face data" locking system "normalizes facial scanning, a tech certain to be abused," he posted.

Facial scanning aside, it's common practice for apps and social media websites to require users to agree to a privacy policy that lets them collect and sell users' information, often to marketers — which is why web surfers are inundated with ads linked to their browsing history or even what they just talked about.

Snowden, who leaked an estimated 1.7 million classified documents about surveillance programs in 2013, wasn't completely averse to the new technology: He also said the design looked "surprisingly robust" and praised its "panic disable," which would disable Face ID with five quick clicks to a side button, and then require users to enter a passcode.

We won't know how secure it is til #34C3, but looks like a clever design that avoids some common flaws. Needs a TouchID-style panic disable. https://t.co/JTVv7t11Wo

— Edward Snowden (@Snowden) September 12, 2017

Snowden did not delve into specifics about his face data concerns, but said in another tweet that the upcoming Chaos Communication Congress, an annual hackers conference that will take place in December in Leipzig, would provide the ultimate test of face data security.

A report released on Wednesday by UK-based online payments company Paysafe Group showed that 40 percent of consumers think paying for products via biometric verification systems such as the one Apple hyped this week as well as fingerprints — is "too risky and unknown." Twenty-three percent said they were "not keen to use these, but expect that some merchants will force" the technology on them.