On June 4, Wired reported that the Meta AI app, the companion app for Ray-Ban Meta and Oakley Meta smart glasses with more than 50 million installs, contained dormant code for a feature called NameTag: convert the faces the glasses see into faceprints, match them on the phone, and tell the wearer who they are looking at. The capability was not enabled, no user could trigger it, but the pipeline had shipped and was sitting in production software on tens of millions of phones. One day later, Meta pushed an update stripping the code out. Ars Technica's tech policy desk wrote up the full arc today, and it is the cleanest specimen yet of a pattern worth naming: the capability deployed before the policy decision about it was made.
Meta's response went after the reporting, not the report. Communications chief Andy Stone called the story 'more than shoddy reporting, it's intellectually dishonest'; CTO Andrew Bosworth called it 'incredibly misleading' and 'absolutely dishonest.' What neither disputed is that the code did what Wired said it did. Stone's other line is the one that matters: 'No final decision has been made on what to do here, if anything.' The history makes the ambivalence legible. Meta retired Facebook's face recognition system in 2021 and deleted more than a billion faceprints; Bosworth has been openly discussing face recognition in glasses since that same year, usually framed as accessibility and memory assistance. The denial targets the framing that this was about to ship in secret. The artifact itself targets nothing, it was simply there, in the app, built.
Identifying strangers from their face is the exact scenario a decade of biometric privacy law was written against, Illinois' BIPA most famously, which is why faceprints sit in the strictest category of regulated biometrics in every serious privacy regime. The EFF, which had campaigned against the feature since the first reports that Meta was exploring it, claimed the removal as a victory. Maybe. The quieter reading is that the removal was operationally free because the feature was never on, and 'no final decision has been made' means exactly what it says: the code can return in any future update, and the next iteration may not be sitting in a place a reporter can find.
The accountability mechanism that actually worked here is worth naming too: transparency by teardown. A journalist reading shipped app code surfaced what no disclosure, no audit requirement, and no regulation did. The 50 million installs were never running NameTag, but the capability had been delivered to them in a disabled state, and the difference between a feature that does not exist and a feature that exists but is switched off is the difference between a policy debate happening before deployment and after it. As of this week, it is after.
