The core issue#
EFF’s latest Deeplinks post is not a technical disclosure. It is a public fundraising and accountability note. The claim is simple: privacy should not depend on whether a large technology company decides it is convenient, profitable, or politically safe to protect it.
The post opens with a quoted line that EFF attributes to a 2025 Meta internal document about face recognition software for smart glasses:
“We will launch during a dynamic political environment where many civil society groups that we would expect to attack us would have their resources focused on other concerns.”
EFF uses that quote to frame a broader argument. The concern is not only that another privacy-invasive product may be released. The sharper concern is that a company would allegedly weigh the timing of a launch against the expected capacity of civil society groups to respond.
That matters because privacy risk is often treated as a product-management problem. Companies decide what to collect, what to infer, what to retain, and what to disclose. Users see the result later, usually through settings screens, consent prompts, policy pages, or public controversy.
EFF’s position is that this model is backwards. Privacy is not a corporate favor. It is a public interest, a user right, and in many cases a human-rights issue.
What EFF says it is watching#
The source item names several corporate and government-facing privacy fights. It does not provide full technical detail in this short post, so the safe reading is narrow: EFF is pointing readers toward its ongoing oversight work, not presenting a new standalone investigation with complete evidence in this page.
The examples it cites include:
- Meta and face recognition software for smart glasses, framed through the quoted 2025 internal document.
- Google, where EFF says it found the company had failed to inform some users about government surveillance.
- Palantir, which EFF says is failing to live up to its stated human-rights commitments.
- DHS and ICE, where EFF says it is suing to reveal efforts related to privacy-enhancing free software.
Those are different kinds of fights. One is about biometric capture in consumer hardware. One is about notice to users when government surveillance affects them. One is about corporate human-rights commitments. One involves public-records or litigation pressure on government agencies.
The common thread is control. Who gets to know when privacy is being compromised? Who gets to challenge it before deployment? Who can verify whether a company’s public commitments match its internal conduct?
That is the part worth preserving. The article is not saying every cited matter is identical. It is saying the same failure mode appears across them: powerful institutions make decisions about user privacy with limited visibility, then expect the public to react after the fact.
Why smart glasses change the privacy equation#
The Meta example carries extra weight because smart glasses are not just another screen. A phone is visible when someone raises it to record. Glasses can make capture more ambient. If face recognition is involved, the device can potentially turn public space into an identification surface.
The source material does not give enough detail to say what specific Meta product version, feature state, deployment timeline, or technical design is involved. It also does not establish from this page alone whether a product launched, how it launched, or what safeguards may have existed.
But the category risk is clear.
Face recognition tied to wearable cameras can affect people who never bought the product, never accepted terms, and never had a meaningful chance to opt out. A bystander on a sidewalk, a worker in a shop, a protester, a patient near a clinic, or a child in a public place may all become part of the data environment created by someone else’s device.
That is why the timing quote matters. If accurate and representative, it suggests privacy resistance was treated as a launch obstacle to be managed, not as a substantive democratic check.
Companies often describe these systems in terms of convenience: memory aids, accessibility, safety, frictionless sharing, or contextual assistance. Some of those uses may be real. But usefulness does not erase the consent problem. The more invisible and persistent the sensing layer becomes, the less adequate ordinary consumer choice becomes as a privacy control.
What not to overclaim#
This source is advocacy material from EFF. It is useful, but it is not a full evidentiary packet.
A careful reader should not treat the post as proof of every underlying fact beyond what it directly states. It quotes a Meta internal document, but the excerpt in the collected material is short. It references Google, Palantir, DHS, and ICE, but the page excerpt does not include the full background for each claim. It also includes membership language and donation appeals, which is normal for a nonprofit campaign page but different from a technical report.
That does not make the privacy concern weak. It means the claim should be handled at the right level.
The strongest supported reading is this: EFF is asking supporters to fund and join a broader accountability campaign against corporate and government privacy abuses, using several recent or ongoing matters as examples. The public-interest value is in the pattern, not in pretending this short page contains all details.
For readers, this distinction matters. Privacy debates are easy to flatten into outrage. Better scrutiny asks harder questions:
- What exact data is collected?
- Is biometric processing involved?
- Is processing on-device, cloud-based, or shared with third parties?
- Can bystanders consent or opt out?
- Are users notified about government demands where legally possible?
- Are companies’ human-rights claims independently verifiable?
- Can civil society inspect the system before harm becomes normalized?
Those questions survive any single product cycle.
Practical takeaways#
For individuals, the lesson is not to wait for companies to define the privacy boundary for you.
Check the products you use for camera, microphone, face recognition, cloud backup, ad personalization, and location settings. Treat wearable devices with cameras as a different risk class from ordinary apps. If a service says it will notify users about government requests, look for a real transparency process, not only a policy sentence.
For organizations, especially those buying workplace devices or AI-enabled tools, ask for written answers before deployment. Demand data-flow diagrams, retention terms, biometric processing details, audit rights, and government-request procedures. If a vendor cannot explain who gets access to sensitive data, assume the risk is still yours.
For policymakers and civil society groups, the Meta quote highlighted by EFF points to a familiar problem: public oversight often arrives after product strategy is already set. That delay benefits large platforms. It also makes privacy harms harder to reverse once a device category becomes normal.
The useful response is not panic. It is pressure before deployment, transparency during deployment, and consequences after abuse.
EFF’s post ends with a call for membership and donations. That is the institutional ask. The broader privacy ask is larger: do not let corporate timing, internal risk models, or quiet policy changes decide what privacy means in public life.