Smile, You’re on Candid Camera, Whether You Like It or Not
Recalling the “Candid Camera” of your life, we can still remember the reactions from folks who had no idea they were being filmed. Allen Funt’s prescient reality TV show may be long gone from the airwaves, but in its place is a wave of always-on technology that can make anyone a star, even if they don’t want to be. The latest example is smart glasses—wearable computers designed to look like regular everyday wearable devices. So far, these have been used for entertainment and gaming, but now they are also being used for professional purposes. The U.S. Department of Homeland Security has proposed $7.5 million to develop smart glasses that can be used by immigration enforcement agents for real-time biometric recognition of people in the country without legal authorization. As in, ICE and Border Patrol agents walking around scanning people’s faces. Sounds like something out of “RoboCop.” We had concerns about these devices before even considering large-scale deployment by law enforcement. What if we just want to walk down the street without having our faces scanned and our identities uploaded into the network? The technology is moving faster than the norms and laws meant to govern it. What once required a visible camera and a deliberate act can now happen quietly, continuously, and at scale. “Smile, you’re on candid camera” used to be a punch line. Now it feels more like a warning.
The Rise of Smart Glasses: From Entertainment to Surveillance
Smart glasses have been in development for years. Google Glass, launched in 2013, was a commercial failure, largely because of privacy concerns and social awkwardness—people did not want to be recorded by someone wearing a conspicuous device on their face. But technology has improved. The latest smart glasses look like ordinary eyewear. You cannot tell if the person next to you on the subway, in a coffee shop, or on a public street is wearing a camera. The recording can be continuous, triggered by voice commands, or activated by a discreet button.
Millions of pairs of these glasses have already been sold to regular customers. Companies like Meta are moving quickly to expand what these devices can do, including identifying people and instantly pulling up information about them, potentially turning ordinary public encounters into data points for the companies that make the glasses. What they plan to do with that data, we don’t know.
The consumer market is one thing. The government market is another. The Department of Homeland Security’s proposal to develop smart glasses for immigration enforcement is a significant escalation. Agents would be able to walk through a crowd, scan faces, and instantly check them against databases of persons of interest. A person who is in the country without legal authorization could be identified without a warrant, without probable cause, without any suspicion. The agent would not need to stop the person, question them, or obtain consent. The identification would happen silently, instantly, and automatically.
The Privacy Threat: Practical Anonymity Under Siege
What if we just want to walk down the street without having our faces scanned and our identities uploaded into the network? That question gets to the heart of the privacy threat. In public spaces, we have traditionally had a certain degree of practical anonymity. Yes, we are visible to others. Yes, we can be photographed or filmed by security cameras. But those cameras are usually fixed, obvious, and limited in scope. They do not follow us from place to place. They do not instantly identify us. They do not link our faces to our names, addresses, social media profiles, and other personal data.
Smart glasses change that. A person wearing smart glasses can record you in multiple locations, build a profile of your movements, and share that data with others. The glasses can be linked to facial recognition databases, allowing instant identification. The glasses can be connected to the internet, uploading footage to cloud servers for analysis by artificial intelligence.
“Face recognition technology on the streets of America poses a unique identity threat to the practical anonymity we all rely on,” Nathan Freed Wessler of the American Civil Liberties Union told The New York Times. “This technology is ripe for abuse.”
He is right. What good reason is there to record someone anonymously and without their consent? There are some legitimate uses: journalists documenting public events, activists monitoring police conduct, researchers studying crowd behaviour. But the default should be consent. The burden should be on the recorder to justify the recording, not on the subject to prevent it.
Legal Protections: Inadequate and Reactive
Illinois does offer some protections. The state generally requires all-party consent jurisdiction when it comes to recording private conversations, and it has some of the strongest biometric privacy laws in the country. Illinois’s Biometric Information Privacy Act (BIPA) requires companies to obtain informed consent before collecting biometric data (including face scans). It also requires them to provide a retention schedule and a destruction policy. BIPA has been used to sue companies like Facebook (for its face-tagging feature) and Google (for its voice recognition).
But those protections have limits. Much of what these devices capture may fall outside traditional definitions of privacy, especially in public spaces. A conversation on a public street may not be considered “private” under wiretap laws. A face captured in a public park may not be considered “biometric data” if it is not stored for future identification. The definitions are outdated. The technology is new.
Even when rules are violated, enforcement is reactive. By the time you realize someone has recorded you without your consent, the damage is already done. Your face is in a database. Your identity is linked to a location and time. Your data has been shared with unknown third parties. You may never know that you were recorded. You may never have the chance to consent or object.
The Core Problem: Technology Outpacing Law
That is the core problem. The technology is moving faster than the norms and laws meant to govern it. What once required a visible camera and a deliberate act can now happen quietly, continuously, and at scale. A single person with a pair of smart glasses can record hundreds of faces in an hour. A law enforcement agency with a fleet of agents wearing smart glasses can record millions of faces in a day. The data can be stored indefinitely, shared across jurisdictions, and analysed by AI.
The legal framework was designed for a world where recording was conspicuous, storage was expensive, and analysis was manual. That world no longer exists. The Fourth Amendment to the U.S. Constitution protects against unreasonable searches and seizures. But the Supreme Court has held that there is no reasonable expectation of privacy in public spaces. You are visible to others; you can be seen. But being seen is not the same as being recorded, identified, and tracked. The Court has not yet grappled with the implications of always-on, face-recognising, cloud-connected cameras.
Some courts have begun to address these issues. In the 2023 case of Commonwealth v. Mendes, the Massachusetts Supreme Judicial Court held that police use of a private smart doorbell camera to monitor a suspect’s home was a search requiring a warrant. In the 2024 case of Carpenter v. United States, the Supreme Court held that obtaining cell phone location records from a third party is a search under the Fourth Amendment. But these are incremental steps. There is no comprehensive federal privacy law in the United States. There is no federal ban on facial recognition by law enforcement. There are no federal rules for the use of smart glasses by private citizens.
The Regulatory Gap: What Needs to Be Done
What needs to be done? First, Congress should pass a comprehensive federal privacy law that covers smart glasses and other wearable cameras. The law should require consent for recording in public places, except for specific exceptions (journalism, law enforcement with a warrant, scientific research with IRB approval). The law should require data minimisation: you can record, but you cannot store the footage indefinitely; you cannot share it without consent; you cannot use it for purposes unrelated to the original recording.
Second, states should strengthen their biometric privacy laws. BIPA is a model, but it is limited to Illinois. Other states should adopt similar laws. The federal government should consider a national biometric privacy law, setting a floor that states cannot go below.
Third, law enforcement use of smart glasses should be subject to strict oversight. Any agency that deploys facial recognition-equipped smart glasses should be required to obtain a warrant before scanning faces in public. There should be an audit trail of every scan, accessible to the public and to courts. There should be a prohibition on using smart glasses to target individuals based on race, religion, or political views.
Fourth, private companies that make smart glasses should be required to design them with privacy in mind. The glasses should have a visible indicator when recording. The glasses should not be able to record without the user’s active initiation. The glasses should not transmit data to cloud servers without the user’s explicit consent. These are not technical impossibilities; they are design choices.
Conclusion: A Warning, Not a Punch Line
We are not Luddites. There are real benefits to this technology—from hands-free communication to potential accessibility gains. A person with mobility impairments could use smart glasses to navigate, to read signs, to identify objects. A person with memory loss could use smart glasses to recognise faces, to recall names, to find their way home. A surgeon could use smart glasses to display patient data without looking away from the operating table. A repair technician could use smart glasses to receive instructions while keeping both hands free.
But those benefits should not come at the cost of basic expectations of privacy. People should be able to move through the world without wondering whether every glance, every conversation, or every face is being captured, analysed, and stored. “Smile, you’re on candid camera,” used to be a punch line. Now it feels more like a warning. The question is not whether the technology will be used; it is whether we will regulate it before it is too late. The camera is rolling. The world is watching. And for once, we are not laughing.
Q&A: Smart Glasses, Surveillance, and Privacy
Q1: What are smart glasses, and how are they different from earlier wearable cameras like Google Glass?
A1: Smart glasses are “wearable computers designed to look like regular everyday wearable devices.” Unlike early versions like Google Glass (2013), which were conspicuous and socially awkward, the latest smart glasses “look like ordinary eyewear.” You cannot tell if the person next to you is wearing a camera. Recording can be “continuous, triggered by voice commands, or activated by a discreet button.” Millions of pairs have been sold to regular customers. Companies like Meta are expanding capabilities to include “identifying people and instantly pulling up information about them.” The Department of Homeland Security has proposed $7.5 million to develop smart glasses for immigration enforcement, enabling agents to scan faces and instantly check databases for “persons of interest” without a warrant or probable cause.
Q2: What is the privacy threat posed by smart glasses, according to the article?
A2: The core threat is the loss of “practical anonymity” in public spaces. Traditionally, security cameras are “fixed, obvious, and limited in scope.” They do not follow you, instantly identify you, or link your face to personal data. Smart glasses can do all three. A person wearing smart glasses can “record you in multiple locations, build a profile of your movements, and share that data with others.” They can be linked to facial recognition databases for “instant identification.” Nathan Freed Wessler of the ACLU stated: “Face recognition technology on the streets of America poses a unique identity threat to the practical anonymity we all rely on. This technology is ripe for abuse.” The article asks: “What good reason is there to record someone anonymously and without their consent?”
Q3: What legal protections exist against surreptitious recording by smart glasses, and what are their limitations?
A3: The article cites Illinois as having some of the “strongest biometric privacy laws in the country” (Biometric Information Privacy Act, BIPA), requiring informed consent for collecting biometric data and providing retention/destruction policies. However, these protections have “limits”: much of what smart glasses capture may fall outside “traditional definitions of privacy, especially in public spaces.” A conversation on a public street may not be considered “private” under wiretap laws; a face captured in a public park may not be considered “biometric data” if not stored for future identification. Even when rules are violated, “enforcement is reactive.” By the time you realize you’ve been recorded, “the damage is already done.” The article notes the “core problem” is that “technology is moving faster than the norms and laws meant to govern it.”
Q4: What legal cases have begun to address privacy concerns related to modern surveillance technology?
A4: The article cites two cases:
-
Commonwealth v. Mendes (2023, Massachusetts Supreme Judicial Court): Held that police use of a “private smart doorbell camera to monitor a suspect’s home was a search requiring a warrant.”
-
Carpenter v. United States (2024, US Supreme Court): Held that obtaining “cell phone location records from a third party is a search under the Fourth Amendment.”
However, the article notes these are “incremental steps.” The Supreme Court has held there is no “reasonable expectation of privacy in public spaces”—you are visible to others. But being “seen” is not the same as being “recorded, identified, and tracked.” The Court has not yet grappled with the implications of “always-on, face-recognising, cloud-connected cameras.” There is no “comprehensive federal privacy law” in the US, no federal ban on facial recognition by law enforcement, and no federal rules for smart glasses use by private citizens.
Q5: What regulatory solutions does the article propose to address the privacy threats of smart glasses?
A5: The article proposes four solutions:
-
Comprehensive federal privacy law: Require consent for recording in public places (with exceptions for journalism, law enforcement with a warrant, scientific research with IRB approval). Require data minimisation—no indefinite storage, no sharing without consent, no use for unrelated purposes.
-
Strengthen biometric privacy laws: Use Illinois’s BIPA as a model; other states should adopt similar laws; consider a national biometric privacy law.
-
Law enforcement oversight: Require warrants before scanning faces in public; create an audit trail of every scan; prohibit targeting based on race, religion, or political views.
-
Privacy-by-design for manufacturers: Smart glasses should have a “visible indicator when recording”; should not record without “active initiation”; should not transmit data to cloud servers without “explicit consent.”
The article concludes that there are “real benefits” to the technology (healthcare, accessibility, repair work), but “those benefits shouldn’t come at the cost of basic expectations of privacy.” “Smile, you’re on candid camera” used to be a punch line; now it’s a “warning.” The camera is rolling, and “for once, we are not laughing.” The question is whether we will regulate it “before it is too late.”
