A recent experiment has brought attention to the potential risks of facial recognition technology, as a proof of concept (PoC) utilizing consumer AR glasses has demonstrated the ease with which our privacy can be compromised.

The setup involved a pair of ordinary-looking consumer AR glasses, which were configured to capture a photo when the user performed a specific gesture, such as pinching their fingers, and then leveraged a backend service to perform a reverse-image face lookup, displaying the result on the glasses’ display.

This was achieved with minimal effort, requiring only a few hundred lines of code and a backend service that costs less than a daily coffee habit. The alarming aspect of this experiment is that it did not involve any sophisticated exploits or new discoveries, but rather the simple combination of existing technologies.

The real threat lies in the convergence of three factors: the lack of a visible gesture when using glasses, the widespread availability of facial recognition databases, and the ability to perform real-time lookups. This convergence has effectively eliminated the friction that previously protected our privacy, making it possible to identify strangers without their knowledge or consent.

The implications of this are significant, as our faces are often already tied to our names, jobs, and cities, making it easy to access our personal information. The question now is, what controls can be put in place to protect our privacy in a world where capture is invisible by design?

Photo by Mikael Varosyan on Pexels
Photos provided by Pexels