At Macworld Expo in January, Apple made much of the two big new features in iPhoto '09, Faces and Places. Faces is face detection and recognition technology, and Places both reads GPS information stored with photos and enables you to add it yourself. Currently, Faces is the more successful of the two, since although it's relatively easy to add geotags to photos in iPhoto, most photos won't be geotagged until GPS chips are commonplace in cameras.
However, a programmer friend spelunking through the text strings stored in the iPhoto application binary made a rather unsettling discovery. There's an IP address deep in the bowels of iPhoto that points at a machine within a range of IP addresses controlled by the U.S. Department of Homeland Security. Users running Little Snitch haven't reported any unexpected traffic leaving iPhoto for the destination address, so whatever it is, it's not currently active.
Needless to say, Apple had no comment on the discovery. If forced to speculate, therefore, all I can think of is that there is some code in iPhoto with the capability of phoning home to the DHS. It wouldn't make sense to transfer entire photos most of the time, since massive data transfers would be obvious. But, if there were some way to transfer just the facial recognition data at a trickle rate, the DHS could compile it all and cross-reference it against facial characteristics of known terrorists. That may not be all that helpful on its own, but what if the facial recognition data was accompanied by geotags and date stamp information? If the DHS - or another government agency - could pinpoint when and where known terrorists were, even in the past, that could prove a huge aid in preventing further acts of terrorism and bringing them to justice.
The problem, of course, is that were such a feature to exist within iPhoto, it would be a massive privacy breach on an unparalleled scale. I can't see Apple, of all companies, going along with this sort of thing. However, over the past few years the U.S. government has been single-minded in its quest to capture terrorists, and I wouldn't be at all surprised if there was some super secret way the government could compel a private company to act in a way that protected the interests of national security. Of course, this isn't out of line with some previous secret government programs, such as all color laser printers putting a nearly invisible pattern of yellow dots on every page that includes the printer model and serial number, along with a date stamp.
Our request for information from the Department of Homeland Security was turned down, not surprisingly, although the spokesman did say that all projects begun under the previous administration were "under review." This is certainly one I'd like to see go under the axe, for if the DHS relies on iPhoto for its reconnaissance, it's anyone's guess who will end up under the magnifying glass, given pictures like this one.