Meta Wired Face Recognition Into Always-On Glasses And Didn't Tell You

EFF's Threat Lab found the code running on shipped devices. Meta hasn't switched the UI on yet.

The capability is already deployed, not pending

EFF's Threat Lab confirmed Meta's always-on glasses carry working facial recognition code today. The feature is hidden behind a UI switch, not absent from the device. The exposure problem is the architecture, not the marketing page.

EFF's Threat Lab confirmed that Meta has already shipped working facial recognition code inside its always-on smart glasses. Cooper Quintin published the findings on June 4. Static analysis of the production app shows the recognition pipeline sits on the device today, ready to run. The only missing piece is the consumer-facing button.

An independent researcher demonstrated it on shipped hardware. They connected the paired phone to a computer in debug mode, registered a face into the local database, and watched the glasses recognize that face on sight. Millions of Meta glasses are already in use. The same code path is on every one of them.

Two unreleased Meta features named Nametag and Connections fit the recognition behaviour. The code stores each face as a vector of 2,048 numbers, a standard face embedding. Recognition then means comparing any newly seen face against the local database, finding the closest vector, and surfacing a name. Once Meta enables the consumer UI, this happens silently as the wearer walks around. Wired reported the same architecture, and Meta declined to confirm or deny the rollout window.
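To show why a stored embedding is itself a biometric identifier, here is an added example (not EFF's findings and not Meta's code) of the closest-vector lookup described above. The random vectors, the cosine-similarity metric and the 0.6 threshold are assumptions made for illustration; only the 2,048-number length comes from the page.

```python
import math
import random

DIM = 2048        # embedding length reported on the page
THRESHOLD = 0.6   # assumed cut-off; the page does not give one


def normalize(vec):
    """Scale a vector to unit length so a dot product equals cosine similarity."""
    norm = math.sqrt(sum(x * x for x in vec))
    return [x / norm for x in vec]


def closest(db, probe, threshold=THRESHOLD):
    """Return (name, score) for the nearest enrolled vector, or (None, score)
    when even the best match is below the threshold (unknown face)."""
    probe = normalize(probe)
    best_name, best_score = None, -1.0
    for name, enrolled in db.items():
        score = sum(a * b for a, b in zip(enrolled, probe))
        if score > best_score:
            best_name, best_score = name, score
    if best_score < threshold:
        return None, best_score
    return best_name, best_score


def demo():
    """Constructed data: random vectors stand in for real face embeddings."""
    rng = random.Random(7)

    def rand_vec():
        return [rng.gauss(0, 1) for _ in range(DIM)]

    alice, bob, stranger = rand_vec(), rand_vec(), rand_vec()
    db = {"alice": normalize(alice), "bob": normalize(bob)}  # no photos stored
    # A later sighting of the same person: same vector plus capture noise.
    resight = [x + rng.gauss(0, 0.5) for x in alice]
    return closest(db, resight), closest(db, stranger)


if __name__ == "__main__":
    known, unknown = demo()
    print("re-sighting:", known)
    print("stranger:   ", unknown)
```

The database holds only numbers, yet it is enough to name a person on a later sighting, which is why the embeddings themselves are the sensitive record.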

Meta has been here before. The company paid $650 million to settle a Biometric Information Privacy Act case in Illinois and shut down the Facebook photo face recognition feature in 2021. The grounds for the BIPA case were exactly the harm pattern Meta is now rebuilding. Internal Meta planning documents quoted in recent reporting describe the current timing as benefiting from a "dynamic political environment." That is the corporate phrasing for an enforcement vacuum.

The capability is the device. The UI toggle is paperwork. If the recognition pipeline sits on a device shipped to millions of homes, the person walking past a wearer has no protection in the consumer settings menu. Meta controls the switch. Meta can flip it. The face embedding workflow exists today on cameras the wearer does not fully control. The threat surface widens with every new pair of glasses sold.

That is what always-on means in practice. The glasses face outward and capture continuously. The recognition pipeline is bundled, calibrated, and waiting. A vector representation of any face the glasses see can be calculated and stored on hardware tied to Meta accounts. Meta took the privacy decision when the code was packaged with the firmware. The person being scanned has no input into it.

The standard defence runs that nothing in this story breaches user agreements because the feature is not yet deployed to users. That framing accepts the wrong premise. Code shipped to consumer devices is live for engineering and operational purposes the moment it is on the hardware. Internal builds, employee testing, third-party reverse engineering, and undocumented flags all become attack surface immediately. Meta does not get to claim a recognition system does not exist because the marketing page has not been written yet.

The same logic applies to legal exposure. A subpoena that asks for face embeddings stored against a Meta account does not care whether the consumer-facing app advertises the feature. A national security letter does not pause for a press release. The capability is the asset. The asset is now sitting on millions of devices tied to logged-in Meta accounts.

Anyone within camera range of a Meta glasses wearer is now within range of a face recognition system whose policy depends on Meta's discretion and whose threat surface depends on Meta's internal security. The capability is deployed now.


FAQ

What did EFF actually find inside the Meta glasses app?

EFF's Threat Lab confirmed via static analysis that working facial recognition code ships in the production Meta glasses app. The code stores faces as 2,048-number embeddings and matches incoming faces against that local database. The pipeline sits on every shipped device.

Has Meta turned the feature on for users?

Not as a publicly advertised feature. The code path is reachable in debug mode and an independent researcher demonstrated it works on a shipped device. The consumer UI is what's missing, not the capability.

Which Meta product is this?

Meta's always-on smart glasses, the same line Meta sells to consumers today. Internal Meta planning has referenced two unreleased features named Nametag and Connections that fit the recognition behaviour found in the code.

Hasn't Meta already paid for doing this once?

Meta settled an Illinois Biometric Information Privacy Act case for $650 million and shut down Facebook photo face recognition in 2021. The rollout proceeds anyway. Meta's own internal notes flag the timing as deliberate.

What does this mean for people who don't wear them?

A wearer can encode any face nearby into a vector that lives on a device tied to a Meta account. The exposure decision is taken by the wearer's hardware, not by the person being scanned. The privacy interface for bystanders does not exist.