Meta Ray-Ban Smart Glasses Recordings Reviewed by Human Contractors, Triggering Privacy Scrutiny
Investigations reported by Swedish outlets Svenska Dagbladet and Göteborgs-Posten found that recordings captured by Meta Ray-Ban smart glasses—including video and audio—are being reviewed by human contractors as part of AI training and quality assurance workflows. Workers employed by Sama, a Meta subcontractor in Nairobi, Kenya, described routinely handling highly sensitive content inadvertently recorded by users, including bathroom visits, undressing, sex/pornography, and private conversations, as well as incidental capture of bank cards and other identifying details; interviewees said they feared reprisals for raising concerns and described strict on-site controls intended to prevent leaks.
Following the reporting, the UK’s privacy regulator, the Information Commissioner’s Office (ICO), confirmed it is contacting Meta to ask questions about the devices and associated data-handling practices. While Meta’s terms reportedly disclose that some interactions may be reviewed by humans to improve the system, the reporting and worker accounts suggest the review pipeline can include intimate or identifying moments that wearers may not expect to be viewed by third parties, raising regulatory and reputational risk around consent, transparency, and safeguards for bystander and user privacy.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
UK ICO opens inquiries with Meta over Ray-Ban privacy concerns
The UK Information Commissioner's Office said it was contacting Meta to seek information on how the company complies with UK data protection obligations for its Ray-Ban Meta AI smart glasses. The regulator called the allegations concerning and highlighted requirements for transparency about what data is collected, how it is used, and who can access it.
Meta points to policies allowing human review of smart-glasses content
Following questions about the investigation, Meta said user content may be reviewed in certain circumstances to improve its AI products and pointed to its privacy policies and terms of use. The company said users can manage and delete recordings, while its policies describe cloud processing, human review, and sharing with third-party vendors and service providers.
Swedish media investigation reveals contractor review of Ray-Ban footage
A joint investigation by Svenska Dagbladet and Göteborgs-Posten reported that Meta subcontractor workers at Sama in Nairobi were reviewing audio and video captured by Ray-Ban Meta smart glasses to label data for AI systems. Workers said the material included highly sensitive content such as intimate moments, bathroom use, private conversations, and visible financial information, and that anonymization measures did not always work.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
4 references tracked. Mallory keeps watching after this page renders.
Can Meta see your private life through its Ray-Ban smart glasses? What to know | ZDNET
zdnet.com
Open sourceWorkers report watching Ray-Ban Meta-shot footage of people using the bathroom - Ars Technica
arstechnica.com
Open sourceWorkers reviewing Meta Ray-Ban footage encounter users’ intimate moments - Help Net Security
helpnetsecurity.com
Open sourceMeta smart glasses face UK privacy probe • The Register
go.theregister.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Privacy Risks of Smart Glasses in Healthcare Environments
Smart eyewear devices such as Meta Ray Ban glasses, equipped with microphones, cameras, and AI connectivity, present significant privacy and data security risks when used in hospital settings. These devices can inconspicuously record or livestream protected health information (PHI), including patient images and conversations, often without the knowledge or consent of those being recorded. The presence of a small LED indicator is insufficient as a safeguard, especially since third-party products exist to obscure the light, making unauthorized recording even harder to detect. Healthcare organizations face challenges as these are often unmanaged devices brought in by patients or staff, bypassing institutional controls and oversight. The direct connectivity of these glasses to social media platforms like Facebook and Instagram increases the risk of inadvertent or malicious disclosure of sensitive information, potentially violating HIPAA/HITECH regulations. The inconspicuous nature of smart glasses differentiates them from more obvious recording devices like smartphones, heightening the risk of unnoticed privacy breaches in clinical environments.
Mar 21, 2026
Expansion of AI-Enabled Camera Surveillance Raises Privacy and Biometric Identification Concerns
The New York Metropolitan Transportation Authority (MTA) is testing new subway gates that use **AI-powered cameras** to capture short recordings when riders are suspected of fare evasion and to generate a physical description that is transmitted to the MTA, prompting criticism from privacy advocates concerned about persistent monitoring in public transit. The MTA has also solicited vendor input for systems using computer vision and AI to detect “unusual or unsafe behaviors,” reflecting broader growth in surveillance deployments across New York City. In parallel, consumer **AI smart glasses** are re-emerging with built-in cameras and microphones, intensifying concerns that everyday wearables can enable covert recording and downstream biometric identification. Reporting highlighted that footage from *Ray-Ban Meta* smart glasses can be paired with external facial-recognition services to identify strangers, and noted policy issues such as cloud storage of wake-word voice recordings (potentially retained up to a year) and uncertainty about future features like on-device facial recognition; retailers in New York (e.g., Wegmans and others) are also expanding facial-recognition use, underscoring the convergence of AI, biometrics, and surveillance in both public and commercial spaces.
Mar 21, 2026
Meta Suspends Internal AI Training Program After Employee Data Exposure
Meta halted its internal **Model Capability Initiative (MCI)** after a permissions misconfiguration exposed sensitive employee-monitoring data to the company’s broader workforce. The program, launched in April for U.S.-based employees, collected detailed telemetry including mouse movements, clicks, keystrokes, and occasional screenshots to train internal AI and machine-learning systems. Reuters-reported documents indicated the exposed data included private conversations, AI prompts and request transcripts, and other records gathered from internal systems. Internal concerns had reportedly been raised earlier about both the intrusiveness of the monitoring and data-storage weaknesses, with a later security alert finding confidential information accessible in cleartext to Meta employees. The exposed material reportedly included named HR performance data and documents classified under DSS sensitivity levels 1 through 4. Meta said it has found no evidence of improper employee access or malicious exploitation, but it suspended the program while investigating and has not said when, or in what form, it may resume.
Jun 25, 2026