Meta embedded inactive face-recognition code in smart-glasses app

Meta embedded an inactive, unreleased face-recognition module called “NameTag” into its Meta AI companion app, a piece of software installed on more than 50 million devices. The module was not activated but was present in the app that supports features used with the company’s smart glasses.

The code’s presence prompted questions from privacy advocates and security experts about how quickly wearable devices could enable real-time identification of people without their knowledge. Face-recognition logic built into software on widely distributed devices increases the potential for biometric identification to be performed at a distance and in public settings.

Company engineers gave the module an internal name and left it dormant inside the companion app. The app is linked to the smart-glasses feature set, which uses built-in cameras and microphones mounted near the face. Those sensors can capture people and scenes at a distance and can operate without clear signs that recording or identification is taking place.

A proposed Pennsylvania bill would require smart glasses and similar wearable recording devices to show a visible indicator light when they are capturing audio or video and would bar users from disabling that indicator. Many consumer smart glasses already include some kind of recording light, but investigators have found examples where the indicator was removed or disabled.

Technology-based countermeasures that detect nearby smart-glass devices are available, but they have limits. Detection apps can miss some models, cannot reliably identify who is being recorded, and may give users a false sense of safety if they fail to detect a device.

Experts note that the risk extends beyond simple audio or video capture. AI-enabled wearables can process footage in real time to suggest identities and may draw on online photos and people-search databases to match faces to names, addresses and other details. The accuracy of such matching depends on how much personal information and images are publicly accessible.

Consumers looking to reduce their exposure to facial-identification systems can restrict who sees photos on social media, use opt-out or removal tools offered by reverse image search services and people-search sites, and pursue data-removal services that work with data brokers. These steps affect how easily online services can link images to personal records.

The presence of the inactive module has led privacy groups and some lawmakers to call for clearer rules and technical safeguards for wearables that combine cameras, microphones and AI. Options under consideration include mandatory, hard-to-disable recording indicators, limits on biometric-recognition features in consumer products, and stricter disclosure about what code is included in companion apps.