.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.svg){kind=small}
.webp?width=1220&height=1090&name=Osano-guarantee-seal%20(1).webp)
A few weeks ago, I closed this newsletter by asking: how will anybody consent to having their facial biometrics processed by a smart glasses wearer? I didn't expect that question to be quite so urgent.
Last week, Wired discovered dormant facial recognition code sitting inside the companion app for Meta's Ray-Ban glasses. The feature, internally dubbed "Name Tag," was designed to convert photos of faces into biometric identifiers. The very next day, Meta quietly pushed an update to remove the code entirely. The feature was never activated, we're toldâbut it shipped in a live product, and nobody told users it was there.
Meanwhile, European regulators aren't waiting around for smart glassesâ latent biometrics-processing features to go active before acting. As Politico reported this week, the EU is actively eyeing a crackdown on smart glasses privacy, with legislators pressing the Irish Data Protection Commission for answers about how Meta's glasses collect and process personal data. The complaints aren't theoreticalâwomen have been filmed without their knowledge, intimate footage was reportedly reviewed by overseas contractors, and it's becoming clear that existing GDPR frameworks weren't designed with a face-mounted camera in every social setting in mind.
The throughline across both stories is consentâspecifically, its absence. When you walk past someone wearing smart glasses, there's no cookie banner, no opt-out, no notification. Regulators are starting to ask what meaningful consent even looks like here. I'm not sure anyone has a good answer yet.
Best,
Arlo
New From Osano
Blog: Wiretap Lawsuits: Why CIPA, the ECPA, and the CDAFA Are a Package Deal
Wiretap litigation isnât a brand-new concept anymoreâbut even when businesses are prepared to respond to a demand letter, it can be a shock to see more than just CIPA invoked. Find out why the ECPA and CDAFA so often accompany CIPA in wiretap demand letters and how your business can reduce its risk.
Events
Webinar: Privacy Enforcement 2026: Regulatorsâ Focus and Compliance Priorities
2026 is more than halfway through, but it feels like a yearâs worth of data privacy developments have already transpiredâand thereâs already more on the horizon. Join Osanoâs Senior Privacy Program Manager Ashley Fowler and Red Clover Advisorsâ Jodi Daniels for a webinar thatâll clarify the complexity of 2026âs privacy enforcement and compliance.
Save your seat | June 30, 1 pm EST
Top Privacy Stories of the Week
Meta Quietly Removes Face-Recognition Code From Its Smart Glasses App
Only a day after a dormant bit of code that seemed to be a facial recognition algorithm was discovered in a companion app for its smart glasses, Meta released an update that removed that code. Wired Magazine uncovered the suspicious code, internally dubbed Name Tag within Meta, while reviewing code for a Meta AI app that handles some core features of the glasses. In other words, the same app necessary for pairing Meta smart glasses to a user's phone over Bluetooth was also ready to start harvesting every face a user passed by while wearing them.
No Tech Rule Exemption for Apple, EU Regulators Say Amid Spat Over Siri AI Delay
EU regulators âslammed Apple on Tuesday for blaming EU tech rules for its decision not to roll out its upgraded assistant Siri AI in the European Union for now, saying they had rejected the company's request for an 18-month exemption from its obligations. The iPhone maker on Tuesday said Siri AI âwould not be available initially in the EU on iPhones or iPads and faulted the European Commission for ârefusing to engage constructively with them to ensure privacy and security on their devices.
Louisiana Enacts Consumer Data Privacy Law
Louisiana Governor Jeff Landry recently signed the Louisiana Data Privacy Act (SB 386) into law. The new law largely tracks Texasâ law but with some notable differences, including its applicability standard, among others.
Signal Says UK Plan to Scan Devices for Nude Images 'Endangers Us All'
Signal insists that plans to compel tech companies to scan devices for nude images of children announced by UK Prime Minister Keir Starmer on Monday at London Tech Week "will not keep children safe." Signal argues that the proposed technology could, at some point, be repurposed to enable state-sponsored surveillance of all citizens' communications, or used as a mass censorship tool.
New Privacy Frontier: Europe Eyes Crackdown on Smart Glasses
Europe is ramping up its warnings over the surveillance risks of smart glasses, in what is seen as the next big fight over people's physical privacy. Privacy activists are warning that the glasses violate key principles like consent, since people captured in the built-in cameras can't really object to their data being processed. Concerns peaked when Swedish media reported earlier this year that subcontractors for Meta in Kenya were reviewing âdeeply privateâ footage captured by the firm's smart glasses to help annotate the content to train artificial intelligence models.
Like what you see in the Privacy Insider newsletter?
There's more to explore:
đïžThe Privacy Insider Podcast
We go deeper into additional privacy topics with incredible guests monthly. Available on Spotify or Apple.
đ± The Osano Subreddit
Join our official subreddit to stay up to date on the latest news, analysis, guidance, and content from Osano!
đ The Privacy Insider: How to Embrace Data Privacy and Join the Next Wave of Trusted Brands
The book inspired by this newsletter: Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start building a privacy program from the ground up. More details here.
If youâre interested in working at Osano, check out our Careers page!
