(MintPress) — Privacy concerns are being raised after social networking site Facebook recently announced that it acquired Face.com, an Israeli company which makes facial recognition software.

“There is nothing more concerning in the privacy sphere than the marriage of Facebook and facial recognition. Every time you’re tagged, Facebook learns more about your face and how it looks with or without glasses, in various lighting, with facial hair, etc. It’s one of the few data sources that Facebook has yet to monetize, and the acquisition of Face.com suggests that making money off your face is on their to-do list,” Sarah Downey, a privacy analyst, was quoted by Venpop as saying.

While Facebook has not officially said how it will use the technology or for what purposes, many are concerned that users faces will be used by the company to make a profit.

And several countries have launched investigations into potential privacy violations by Facebook.

What Facebook may do with your face

Facebook has already been using the startup company’s software for about a year and a half, accessing the billions of pictures posted by users.

However, some speculate that Facebook bringing the vendor in-house implies that the company sees the technology as an area for potential growth. Enrollment of new users to the website has dwindled, after so many joined the site over the past few years.

“Whether the acquisition is to increase the use of facial-recognition software on the site or is just a financial move that makes more sense, it’s unclear at this point,” Chester Wisniewski, a senior security adviser for the security firm Sophos, told Mashable. “But it certainly raises security concerns for many who feel uncomfortable knowing that Facebook is analyzing their images.

“It’s also possible that this could open up doors for advertisers to target users in new ways based on what they are doing in pictures,” Wisniewski said. “But this would raise even more security concerns moving forward.”

In July, a U.S. Senate hearing was held. It highlighted concern over the growing use of facial recognition technologies, both for social networks like Facebook as well as in law enforcement.

Sen. Al Franken (D-Minn.), chair of the judiciary subcommittee hearing, said the expansion of such biometric technologies poses concern over privacy and civil liberties, according to news reports.

Franken said that in law enforcement, the use of facial recognition “will catch criminals,” but “could come at a high cost to our civil liberties” if police use the systems to target “innocent civilians” or political rallies.

Franken said he was concerned that facial recognition used by Facebook to “tag” or identify people could be abused by divulging information that members may not want to be made public.

Representatives of the FBI and Facebook testified about their safeguards, and civil liberties advocates and others offered views on the new technology.

Franken said facial recognition “exists right here today” and that “our federal privacy laws are unprepared to deal with this technology.”

“Law enforcement doesn’t need a warrant to use this technology,” Franken added.

Europe leads the way in privacy concerns

Earlier this month, Norway’s data-protection regulator raised concerns over the facial recognition program saying it breaches privacy rights.

“It’s a very powerful tool Facebook has and it’s not yet clear how it all really works,” Bjorn Erik Thon, Norway’s data-protection commissioner, told Bloomberg. “They have pictures of hundreds of millions of people. What material Facebook has in its databases is something we need to discuss with them.”

Throughout the European Union, data-protection regulators have been scrutinizing Facebook’s facial-recognition feature. Earlier this year, the EU’s so-called Article 29 Data Protection Working Party said the feature can only be used with people’s consent.

“It’s hard to keep track of all of the privacy settings on Facebook and people want to feel secure when posting personal information, so users may find themselves sharing less on the site,” Wisniewski said. “The recent news that LinkedIn passwords were compromised helped people realize that just because it’s a big company doesn’t mean that data is safe.”

“Users should always be provided with the possibility to withdraw consent in a simple manner,” the Article 29 group, which issues guidelines for national regulators, said. “Once consent is withdrawn processing for the purposes of facial recognition should stop immediately.”

Currently, Facebook does not offer any type of privacy setting to prevent users from having their faces accessed by the facial recognition software.

While Norway isn’t part of the EU, the country is coordinating an investigation with their Irish counterparts, who have been reviewing Facebook’s compliance with Irish and EU data-protection rules since last year. The company’s Irish office is Facebook’s main service provider to users outside the U.S. and Canada.

Irish regulators have already determined that Facebook needs to overhaul its service in Europe in order to increase “transparency and controls for the use of personal data for advertising purposes” and to delete “data held from user interactions with the site much sooner.”

In July, the regulator carried out a review of the company’s progress in implementing the changes and will release a second report of its findings later this year.

German officials reopen investigation

The German data protection authority has reopened its inquiry into Facebook’s facial recognition technology in the last few weeks.

The inquiry, which was set up by the Hamburg data protection agency, focused on Facebook’s Photo Tag Suggest feature. It was suspended in June after Facebook told the agency it was close to a breakthrough in its talks with the Irish Data Protection Agency. Germany planned to negotiate an agreement with Facebook.

However, Germany decided to reopen the inquiry after Facebook told the agency that it was unwilling to make any concessions beyond agreeing to stop collecting new facial profiles.

German officials are concerned because Facebook doesn’t tell users that the facial recognition technology is being used, and it claims that a biometrics database containing millions of faces has “immense potential” for being misused.

“This data has been collected without the necessary users’ consent rendering the resumption of the [agency’s] proceedings against Facebook inevitable,” Hamburg commissioner for data protection and freedom of information Professor Dr. Johannes Caspar told ZDNet News.

Caspar wants Facebook to delete all the data already gathered, or at least ensure that the users actively consent to their data being used in this way.

“Facebook seems to recognise that its current procedure to collect biometric data of its users conflicts with European and German data protection laws. This development is to be welcomed. Yet, Facebook is not entitled to stop their commitment halfway.”