I watched a tiny commit land inside an app that sits on more than 50 million devices and felt the room tilt. You keep scrolling through product updates until one word — NameTag — makes your hands tighten. It was a Trojan horse.
The code showed up in the app: What Wired discovered
Wired dug through the Meta AI app and found library files for a facial-recognition feature named NameTag. The code wasn’t live for users, but it was present in an application downloaded onto tens of millions of phones. That presence alone is the headline: exploration of a feature that could identify people seen through Ray‑Ban smart glasses.
Did Meta actually enable face recognition in the app?
No — Wired and Meta both say the feature was not enabled. The files were inert, not rolled out as a working function. But inactivity doesn’t erase intent. Companies don’t casually leave sensitive code lying around; code is evidence of planning, not just possibility.
The company removed the code: The quiet fix and the loud reaction
Meta pushed an update over the weekend that stripped the facial-recognition libraries from the latest release of the app. That looks like damage control: remove the offending lines, stop the leak, move on.
What didn’t stay quiet was Meta’s public pushback. Andy Stone, Meta’s VP of Communications, and Andy Bosworth, the company’s CTO, both accused Wired of bad reporting on X. Stone called the story “intellectually dishonest” for placing the “not enabled” detail later in the copy. Bosworth said it was “incredibly misleading.” Neither replied with specifics that refuted the factual pieces Wired cited.
Why did Meta remove the code?
Because the optics are terrible and privacy advocates would pounce. Meta’s history with facial recognition — from statements by Bosworth in 2021 to internal memos reported by the New York Times earlier this year — shows this wasn’t a one-off experiment. Removing the code is less about accepting error and more about avoiding a public fight over a feature that looks invasive.
Past signals matter: What Meta’s record tells us
Meta has publicly flirted with facial recognition for its glasses before. In 2021 Bosworth said Meta was “looking at” the capability; this year the New York Times described internal planning for it. When a company repeatedly sows the idea of a feature and then pushes supporting code, you can’t treat discovery as a random surprise.
I’ve tracked tech product cycles long enough to know the pattern: internal desire, developer experiments, a quiet commit, then a public reveal or retreat depending on reaction. You should treat each commit as a policy clue, not a bug note.
Should consumers worry about their privacy?
Yes. Even exploratory code signals intent. Smart glasses with real-time identification change public norms — they change how you move through city streets, conversations, even dates. Ray‑Ban’s partnership with Meta puts a fashion brand and a surveillance-capable tech company in the same sentence, and that fusion deserves scrutiny from regulators and users.
How Meta argued and what it reveals
Meta’s line was simple: the feature wasn’t enabled and no final decision has been made. That’s true, but defensive messaging can be a smokescreen. The louder the denial, the more attention the original discovery receives; Meta’s response was a car alarm blaring — loud, defensive, impossible to ignore.
Stone’s complaint that Wired buried certain qualifiers reads as a media-relations tactic: attack the messenger to dilute the message. It won’t change the documented facts: files existed, leadership previously expressed interest, and the company has a record of chasing recognition technology.
What to watch next: practical signs that matter
Track three things and you’ll have a good read on whether Meta moves forward: commits in public repos, internal memos leaked to outlets like the New York Times, and product releases for Ray‑Ban smart glasses that mention identity or “connections.” If those three line up, a feature is more than a thought experiment.
I’ll keep watching the Meta AI app updates, developer logs, and executive posts. You should too — privacy regressions rarely announce themselves with a trumpet.
Wired flagged the trace, Meta scrubbed the code, and the company shouted at the reporting; do you trust the explanation or the evidence?