Johannes Caspar, head of the Hamburg Data Protection Authority, sent Facebook a letter, in which he argued that facial recognition amounts to unauthorized data collection on individuals. Caspar sent the letter on Wednesday, and has given Facebook two weeks to respond.
This is far from the first time Facebook’s facial recognition feature has been criticized–the feature was introduced in December, and it’s been constantly attacked since. Pushback against the feature increased in June after security firm Sophos warned Facebook’s users that the site had expanded its use of the facial recognition feature. This prompted Facebook to apologize for how it had handled the rollout.
The European Union’s advisory board–the Article 29 Working Party–is also looking into Facebook’s facial recognition and whether it’s a violation of EU law. Investigations at the member-state level are underway in Ireland, the United Kingdom, and, now, Germany.
If the social networking site is found guilty of breaching consumer privacy, German laws allow Facebook to be fined up to 300,000 euros ($429,000). Regulators would also be able to force Facebook to disable facial recognition within the country.
It’s not clear if Germany’s move will affect the United States. While no official investigation into Facebook’s facial recognition feature currently exists in the United States, the Electronic Privacy Information Center (EPIC) has filed a complaint with the FTC.
EPIC’s effort has received support from Rep. Ed Markey (D-Mass.), who chairs the bi-partisan privacy caucus. “When it comes to users’ privacy, Facebook’s policy should be: ‘Ask for permission, don’t assume it,” Rep. Markey has said.
For more tech news and commentary, follow Ed on Twitter at @edoswald and on Facebook.