Facebook hopes to restore the service if it can reach an agreement with regulators about how to obtain user consent.
Facebook Apps In Action
(click image for larger view and for slideshow)
Facebook has turned off its facial recognition tool that suggested the identities of registered users for possible tagging in uploaded photos.
The company did so voluntarily following a privacy audit by Ireland's Data Protection Commission. It intends to restore the service, provided it can find common ground with regulators about the most appropriate way to obtain user content.
The audit, conducted to ascertain whether the company had adjusted its practices to conform with Irish and EU data protection laws, found that Facebook has implemented many of the privacy improvements in a previous government report. It cites improved transparency around how data is handled, better user control over Facebook settings, greater clarity about data retention and deletion capabilities, and enhanced user data access rights.
Irish Data Protection Commissioner Billy Hawkes in a statement expressed satisfaction with the review of Facebook's practices and praised Facebook for going beyond his office's recommendations. He noted that facial recognition for new users in the EU has been turned off and that it will be disabled for existing users by Oct. 15.
A Facebook spokesman said the company is working with the Office of the Data Protection Commissioner to improve the controls built into its existing tools.
"This audit is part of an ongoing process of oversight, and we are pleased that, as the Data Protection Commissioner said, the latest announcement is confirmation that we are not only compliant with European data protection law but we have gone beyond some of their initial recommendations and are fully committed to best practice in data protection compliance," Facebook's spokesman said in an email.
Facial recognition continues to be a difficult technology for Internet companies due to privacy concerns. Last year, when Facebook began using facial recognition to prompt users to identify friends in photos, it did so by default, forcing users uncomfortable with the idea to opt out. Privacy advocates, researchers, and lawmakers promptly voiced concerns that eventually led to the present suspension of the company's facial recognition tool in Europe.
Google has been more cautious. In May 2008, Google implemented the opposite of facial recognition, facial blurring, in response to privacy concerns about people captured in Street View images. Yet in September 2009, Google deployed facial recognition technology, acquired back in 2006 from its purchase of Neven Vision, to Picasa Web Albums, to assist users in the generation of name tags for friends. Such tags, however, are not public by default and have to be activated by the user.
During the 2009 introduction of Google Goggles, which can recognize images, Vic Gundotra, then VP of engineering, said the company could have included the ability to recognize faces but didn't due to the potential privacy issues. However, a 2010 patent application for facial recognition in a social network suggested that Google wouldn't abstain from the technology forever.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.