“’Biometric’ is a broad term which relates to a person’s physical attributes and needs to be clearly explained. Even though X’s new policy asks users for their consent regarding the collection of biometric data, there is a real risk that their right to privacy will be violated.
“The new policy does not clearly spell out how that data will be stored and the safety measures in place to ensure that the information collected will not be used for unlawful purposes. With over 500 million users, such a system-wide collection of extremely sensitive data poses huge security and privacy risks. Even more concerning is the provision that X will collect information about the location of users and their private messages, which may constitute mass surveillance.
“Users’ information will also be used to train X’s machine learning and artificial intelligence models. Yet users are not explicitly given the option of agreeing that their data should be used for this purpose. X claims to be a platform that promotes freedom of expression but its carte blanche approach to profit-making poses a serious risk to individual rights.”
As well as the collection of biometric data, the new policy introduces the collection of information about users’ employment history and most notably, makes provision for the sharing of encrypted messages for security reasons.
According to X’s policy, it collects “metadata related to Encrypted Messages and when you use Direct Messages, including contents of the messages, the recipients, and date and time of the messages.”