Warning: *privacy not included with this product
Ray-Ban Facebook Stories
Well, this sounds like a potential privacy nightmare. Ray-Ban teamed up with Facebook to sell glasses with two cameras and three microphones built-in that connect to the Facebook View app and, with a voice command, can record what you're seeing and hearing. Then those recordings can be share to "Facebook, Instagram, WhatsApp, Messenger, Twitter, TikTok, Snapchat and more." Yikes!!! These very creepy smart glasses come in 20 different variations of styles and colors. They also come in a range of lenses including clear, sun, transition and prescription. We're not at all sure the world needs people walking around in sunglasses that share what you see and hear with Facebook. Nope, don't think the world needs that at all.
What could happen if something goes wrong?
Meta (formerly Facebook) joined with popular sunglasses maker Ray-Ban to make these smart sunglasses. That means two companies, multiple privacy policies, and a good deal of headache in trying to figure out what privacy concerns exist for these smart sunglasses. Fun!
Meta/Facebook has a very long history of betraying users' privacy and trust. They've faced record fines around the world for this and have been caught hiding data leaks from their users. In April 2021, it was reported the personal information of more than 500 million Facebook users was shared online in a massive data leak. Then there was the 2022 admission that over one million Facebook users’ login info may have been compromised due to malicious apps stealing data through the Facebook third-party login (hey, Meta/Facebook did announce this themselves, so, good for them). All this this coupled with with the Facebook whistleblower testimony in 2021 to the US Congress that outlined the harms Meta/Facebook causes and the dishonest way they approach dealing with these harms and Meta/Facebook appears to be one of most immoral companies we review in *Privacy Not Included.
This is the starting point for smart glasses you put on your face that include cameras and microphones and a way to share everything to social media through the Facebook View app. It is well established that Meta/Facebook collects and shares a huge amount of personal data on their users and doesn’t always secure that data properly. That alone makes these smart glasses a huge privacy concern.
To use the Facebook View app with these smart glasses, you’re required to have a Facebook account So, you’re gonna be sharing lots of your data with a company with a horrible track record at protecting and respecting the heaps of data these smart glasses can collect. And good luck figuring out which of the Meta/Facebook, Supplemental Facebook View app, Ray-Bay and their parent company Luxottica privacy policies apply to you when you use the Ray-Ban Stories smart glasses.. It’s pretty confusing trying to sort all that out. Which makes sense when you read that Meta/Facebook’s own engineers struggle to keep track of, control, and explain the use of all the data Meta/Facebook collects.
And Meta says their Facebook View app can collect a whole lot of data on you from these smart glasses. Things like photos, videos, metadata such as the dates and times you created or uploaded this content, information about the sensors used on these glasses, device IDs, and information such as the number of photos and videos captured, the time spent taking videos, the method you use to share photos and videos, and the average length of videos captured. And then there are those voice requests you can make through the smart glasses and the app. Meta describes those voice interactions as “things you say when using our voice services, including when voice services are mistakenly invoked, as well as any background sound that can be heard once voice services are enabled.” So, what you say, what you say that Meta mistakenly listens to, and even background conversations that can be heard when the voice services are used and all potentially recorded, processed, transcribed and even perhaps used to train AI or reviewed by human reviewers Yikes! Also, nope!
Beyond all of these very serious privacy concerns, there’s another, perhaps even bigger privacy concern that must be considered. Meta/Facebook and Mark Zuckerberg seem quite obsessed with owning the real estate on our faces for the augmented reality and virtual reality metaverse of the future. But what does it mean when a person puts cameras and microphones on their face and points them out at the world? How do you know if you’re being recorded by these glasses? Mea says there’s a little LED light that shows they are recording, but some privacy regulators worry that isn’t enough to protect people from unknown recording. And what if you don’t want to be recorded? Or surveilled? How do you opt out of being recorded? We don’t see a way and many others have the same concerns. Meta has built in some privacy protections, which, yay!, but the question is, are they enough? The answer seems to be no, because Meta has mostly put the onus on wearers of these glasses to be responsible with them.
What’s the worst that could happen with the smart glasses? Well, we’re afraid a lot. The question comes down to, does Meta have your best interests at heart when it collects all the data these smart glasses, and Facebook View app are capable of collecting? From Cambridge Analytica to where we are today with Mark Zuckerberg’s hopes for the metaverse, the answer to that question is a resounding NO. Couple that with the ethical questions surrounding surveillance and being recorded without consent and we're afraid these glasses comes with *Privacy Not Included.
One more note on Meta from a privacy researcher’s point of view. Trying to read through Ray-Ban's and Meta's crazy network of privacy policies, privacy FAQs, privacy statements, privacy notices, and supplemental privacy documentation for their vast empire is a nightmare. There’s so many documents that link to other documents that link back even more documents that understanding and making sense of Meta's actual privacy practices feels almost impossible. We wonder if this is by design, to confuse us all so we just give up? Or, if maybe even Meta's own employees possibly don’t know and understand the vast network of privacy policies and documentation they have living all over the place? Regardless, this privacy researcher would love to see Meta do better when it comes to making their privacy policies accessible to the consumers they impact.
Tips to protect yourself
- Set up two-factor authentication
- Set up login alerts
- Minimize the amount of data shared with your Facebook account
- Set up your Facebook account's privacy settings
- Check Meta Portal privacy settings
- Keep your location data private
- Stop data collection by Meta's partners
- You can disable the camera and built-in microphone on Portal with a single tap or with a sliding switch. A red light next to the lens indicates the camera and microphone are off
- When starting a sign-up, do not agree to tracking of your data
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data."
What can be used to sign up?
Facebook account is required
What data does the company collect?
Name, email address, password. When the cameras and microphones are activated on the Glasses, they collect photo and video recordings.
Voice clips are recorded and can be sent back to Facebook when you say "Hey Facebook."
Contacts (optional, when you share content)
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In September 2022, Meta was fined $405M for treatment of childrens' data on Instagram.
In October 2022, Meta Pixel was a cause of a data breach of sensitive healthcare data that hit 3 million patients at Advocate Aurora Health (AAH), a 26-hospital healthcare system in Wisconsin and Illinois.
In October 2022, Meta notified around 1 million users of potential compromise through malicious apps.
In August 2022, private and personal information of over 1.5 billion Facebook users were allegedly being sold on a popular hacking-related forum.
In March 2022, Meta received a $18.6M fine from the Data Protection Commision. The DPC found that Meta Platforms failed to have in place appropriate technical and organisational measures which would enable it to readily demonstrate the security measures that it implemented in practice to protect EU users’ data, in the context of the twelve personal data breaches. The decision followed an inquiry by the DPC into a series of twelve data breach notifications it received in the six month period between 7 June 2018 and 4 December 2018.
In October 2021, Facebook's WhatsApp was fined nearly $270 million by Irish authorities for not being transparent about how it uses data collected from people on the service.
In April 2021, it was reported that there was a personal data leak of about 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million on users in India. It included their phone numbers, Facebook IDs, full names, locations, birthdates, bios, and, in some cases, email addresses.
In August 2019, Bloomberg reported that Facebook hired contractors to transcribe audio messages users sent through Messenger and Facebook confirmed the report.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
There are multiple and confusing privacy policies for this product. It's also hard to tell which privacy policies apply to the product across Ray-Ban and Meta/Facebook.
Links to privacy information
Does this product meet our Minimum Security Standards?
People’s photos and videos are encrypted on the glasses using Android file-based encryption.
Two-factor authentication is encouraged.
Both app and glasses
A bug bounty program is in place.
When you set up your Ray-Ban Stories glasses, you have the option to turn on Facebook Assistant, a voice assistant that enables a hands-free way to capture photos and videos.
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
Is the company transparent about how the AI works?
Does the user have control over the AI features?
Facebook Doesn’t Know What It Does With Your Data, Or Where It Goes: Leaked DocumentMotherboard: Tech by Vice
Meta’s VR Headset Harvests Personal Data Right Off Your FaceWired
Why you shouldn’t buy Facebook Ray-Ban smart glassesAccess Now
Meta warns 1 million Facebook users their login info may have been compromisedThe Washington Post
Designed for privacy, controlled by you.Facebook
Ray-Ban Stories let you wear Facebook on your face. But why would you want to?The Conversation
Meta Faces Another Lawsuit Over Health Data Privacy PracticesHealthITSecurity
Listen: Next in Tech | Episode 38: Datacenter and Infrastructure Markets in ChinaS&P Global
Facebook warned over 'very small' indicator LED on smart glasses, as EU DPAs flag privacy concernsTechCrunch
Why Facebook is using Ray-Ban to stake a claim on our facesMIT Technology Review
Guide to Ray-Ban Stories: Bystander Privacy in a World of Wearable CamerasConnect Safely
Ray-Ban Stories, aka Facebook Glasses, are a privacy nightmareInput Magazine
Facebook Is Making Camera Glasses, Ha Ha Oh NoBuzzFeed News
Got a comment? Let us hear it.