Aside from the embarrassing gaffe that put Apple's Face ID in the spotlight when it failed to recognise Craig Federighi's smiling visage during the Apple dog-and-pony show earlier this week, Face ID is now facing questions from the US senate. But the implications are broader and the questions Tim Cook is being asked are interesting.
While there are concerns about how Face ID will normalise facial scanning, at least that's what Edward Snowden thinks, there are questions about where Apple got the billion facial images (no, not those sorts of facials) it says it used to test their algorithms, and whether Apple will provide facial recognition data to law enforcement officials.
I think Apple's reaction to the FBI over the San Bernardino shootings answers the last question.
On the provision of facial data, I assume Face ID works like Touch ID where the scanned finger (or, in this case, face) is converted into a string of data that is stored in the Secure Enclave.
Incidentally, the reason Federighi's demo failed is that the device was reset prior to the demo. When an iPhone is first unlocked after a power on or reset, you need to provide a passcode in order to access the Secure Enclave. So, Federighi needed to enter a passcode before Face ID would work - a scenario that hadn't been rehearsed.
So, the facial data is converted to a string of data and then stored in the Secure Enclave. The only responses that can be given to a request for the data are "yes" or "no". Either it's the right face for unlocking or it's not.
As I mentioned earlier in the week, while you can't be forced to provide a passcode, in the US, you can be compelled to provide a biometric measure by law enforcement officials because of how the First Amendment works.
We really haven't had a decent test case of how this new technology works under Australian law. However, if you are in any doubt, don't forget you can disable Touch ID or Face ID (when you get a new iPhone) by pressing the power button five times.