After Instagram and TikTok, X (formerly Twitter) announced that it will collect the biometric data of certain users by the end of September. Why this change in rules? Is the collection of this type of very sensitive data becoming the new norm for platforms and social networks?
Iris or facial scanning, fingerprint verification… Will we soon have to agree to give our biometric data to access social networks or other platforms? The question arises when reading the future general conditions of use of X, formerly Twitter. From September 29, X explains, in an update of its general conditions, that “ based on your consent, we may collect and use your biometric information Has safety, security and identification purposes “.
After Meta and TikTok, which offer in different countries to collect this type of data, or which verify the identity of users in this way, X joins the club of companies which will collect biometric data. If Elon Musk’s platform has not given a definition of these data specific in its general conditions or on its blog, it has nevertheless clarified certain points to our colleagues at Bloomberg and some BBC. According to these exchanges, not all users are targeted: only people subscribed to the paid service X Premium (ex-Twitter Blue) are concerned by this future collection of biometric data.
A possibility and not an obligation
The social network stressed that they could opt for more security, via this additional layer of verification: “ X will offer the possibility of providing your official identity card, combined with a selfie “, he was clarified to our colleagues. This biometric information would include “ data relating to a person’s physical attributes, such as a facial scan or fingerprint “. The collection of this data would be subject to the consent of the user in question.
It would therefore bea possibility and not an obligation – an important point in the European Union. The European regulation on personal data (GDPR) indeed conditions biometric recognition on consent “ enlightened “. Users should be able to opt out of the collection of this type of data – which appears to be the case, according to these terms and conditions.
Why this addition of data? If the company bought by Elon Musk in October 2022 highlights the “ fight against identity theft attempts » and security, a potential legal action could explain this modification. Last July, a class action proposed to target, in the United States, the parent company of biometric information. According to the appeal, failed to adequately inform individuals » the collection or storage of users’ biometric identifiers, which would be contained in each photograph. Each image that ends up on the social network would be scanned in order to identify, among other things, potentially pornographic content. It is during this scan that this data would be collected. The modification of the general conditions would therefore aim to respond to this possible legal action.
Biometric verification devices, the current trend?
Another hypothesis: X would only follow the current trend, which is to implement biometric verification systems to strengthen security on the platforms. Instagram has already introduced a selfie-based system to verify the age of users in the UK. TikTok already collects biometric data in the United States. Its privacy policy indicates, for example, that the platform can, since 2021, “ collect biometric identifiers and biometric information as defined by US laws, such as facial and voice scans “.
X could also have made this change to the rules of use, because it plans to set up a passkey system, according to application developer Steve Moser. This authentication method allows you to log in to your accounts securely, without having to enter a password.
Also read: Thanks to “passkeys”, Google marks the “beginning of the end of passwords”
“A dangerous precedent” for this expert
The collection and holding of such data by private companies is not without concern for some experts. While using this type of data for authentication purposes can provide a more secure and convenient connection for users, it also poses privacy risks. Because while credit card numbers can be changed if hacked, this is not the case for a person’s biometric information. How can we ensure the security of this particularly sensitive data?
For Jacopo Pantaleoni, former engineer and researcher at Nvidia interviewed by Fortune, the question goes beyond the issues of identity theft. “ X’s plan to collect biometric data (…) sets a dangerous precedent “, he is alarmed. “ The danger is twofold. If the use of this type of biometric identification becomes widespread, the result could be a system in which it becomes virtually impossible to remain anonymous on the Net, further eroding the very notion of online privacy “, he adds to our colleagues. However, the use of these biometric data ” will invariably lead to the development of even finer and more precise methods of targeted advertising and tailor-made information distribution “, he believes.
The update to the general conditions of use includes two other changes. X would first prepare to collect information relating to the users’ professional background. This is not necessarily surprising: Elon Musk, boss of the platform since October 2022, has repeatedly said that he wants Twitter to become a super-App like the Chinese platform WeChat, with a section dedicated to recruitment . As a result, it is written in black and white that the information relating to “ your work experience, academic background, and job search history could be taken. This data would then be shared with employers. The job search function is already available in beta in the United States, but no launch date is yet planned in Europe.
Latest element updated in the new privacy policy: the fact that information normally collected for targeted advertising purposes could be used to “ train machine learning or artificial intelligence models (of X) (…) “, said the platform.
If you are an X user, there is an easy way to find out what data X has access to. Go to the application settings (“Settings”), then “ Privacy and Security »: you will then see all the information collected by the social network, which you can uncheck one by one.
Also read: Smart cameras during the Paris Olympics – “People will be used as guinea pigs”, deplores Quadrature du Net
Twitter privacy policy
