Musk stirs controversy with move by X to collect biometrics

Elon Musk has risked losing subscribers with his overhaul of Twitter, right down to renaming the service ‘X.’

But with the platform still surviving, he continues pushing the envelope. The latest move is a revised privacy policy that comes into effect September 29, allowing it to collect some users’ biometric data and other personal information.

The biometric data collection is for X Premium users only, the company told CBS MoneyWatch.

The privacy policy doesn’t define biometric data, but most experts interpret it as physical characteristics used for login confirmation such as fingerprint, facial or iris scans.

X will give users the option to provide their government ID, combined with a selfie, to add a verification layer, the company told CBS. “Biometric data may be extracted from both the Gov ID and the selfie image for matching purposes,” the company said. “This will additionally help us tie, for those that choose, an account to a real person by processing their government-issued ID. This is to also help X fight impersonation attempts and make the platform more secure.”

Whether users will accept this additional personal information collection or leave the platform isn’t known.

“The announcement is at least an acknowledgment that X will be doing what other social networks have already been doing in a more covert fashion,” Stephen Wicker, a professor at Cornell University and expert on data privacy, told CBS.

By seeking to gather millions of users’ biometric information, “Elon Musk is drawing a huge target sign on X,” said Adrianus Warmenhoven, cybersecurity expert at NordVPN.

“The era of the password is fast being replaced by one in which our fingerprints and retinas hold the keys to our online security, and cybercriminals are already waiting at the gates.

“Research into marketplaces on the Dark Web has revealed tens and thousands of stolen digital fingerprints are already available for sale. as bad actors seek to hoard this valuable data, knowing it will increasingly be used for authentication from social media to banking apps.

“With a giant stockpile of uniquely personal information, the security of X’s data storage will come under renewed scrutiny. In the event of a breach, it will no longer be just a case of requesting affected users to change their passwords, their identities could be compromised forever.

“This, coupled with the increased remit of data capture to include education and job history – another treasure trove for hackers and identity thieves – is also likely to make the platform a higher priority for cyber attackers than ever before.”

While gathering biometrics could help in Musk’s goal to eliminate fake or bot accounts, it is also likely to put extra pressure on X’s free users to subscribe to its paid-for service for additional security, he added. Earlier this year the company decided to limit two-factor authentication to members of X Premium (formerly Twitter Blue).

“Despite existing for some time, systems that collect and utilize biometric data remain controversial,” noted Matt DeLauro, chief revenue officer of SEON, a Hungary-based anti-financial fraud provider. “It will be interesting to see how X implements these technologies within its updated privacy policy, and how the company plans on securing this sensitive information against the risks posed by online fraudsters and cybercriminals.

“Policies like this often necessitate the creation of centralized databases to house sensitive and identifiable materials. This raises concerns about the potential exploitation of this information by internal or external bad actors. Individuals must not only decide if they trust X, but also the company’s cybersecurity defense measures against threats.”

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer. Former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, Howard has written for several of ITWC's sister publications, including ITBusiness.ca. Before arriving at ITWC he served as a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs