An Instagram Reel that has been circulating for a few weeks shows a man on the New York subway wearing Ray-Ban glasses. On screen: "linked to their glasses — AI." Headline: "Meta's AI glasses scandal: Kenyan annotators exposed to intimate content." What this video sums up in 60 seconds is one of the most disturbing privacy revelations of 2026 in the age of AI — and it directly concerns Quebec organisations.
This article follows our analysis of shadow AI and Law 25 published last week. Where ChatGPT and Copilot raise the problem of data deliberately entered by your employees, smart glasses raise a more insidious problem: the passive capture of third-party data — passersby, citizens, colleagues, family members — who never consented to anything.
What happened in Kenya — and why it concerns you
In February 2026, the Swedish newspapers Svenska Dagbladet and Göteborgs-Posten published an investigation that landed like a bombshell. Workers at Sama, a Nairobi-based data annotation company under contract with Meta, described what they viewed at the office every day: footage captured by their users' Ray-Ban Meta glasses.
"I saw a video where a man sets his glasses down on the nightstand and leaves the room. Shortly after, his wife comes in and undresses. You understand that it's someone's private life you're watching, but at the same time you're expected to do the job. You're not supposed to ask questions. If you start asking them, you're fired."
The footage included sexual intercourse, trips to the toilet, undressing, and banking details displayed on screen. The people wearing the glasses had simply activated Meta's AI feature to ask for a recipe, identify a landmark, or film their day. They had no idea their videos would be watched by a human being thousands of kilometres away.
Two months after the revelations, Meta terminated its entire contract with Sama, leaving 1,108 workers jobless with six days' notice. The Kenyan workers' organisation denounced this as direct retaliation. Meta claims that Sama "did not meet its standards." A class action, regulatory investigations in the United Kingdom and Kenya, and a warning from the EFF (Electronic Frontier Foundation) followed. Sources: The Next Web · Futurism.
How it works — and where your consent went
The Ray-Ban Meta glasses feature a 12-megapixel camera, a microphone and a permanent connection to Meta's AI. A capacitive button on the frame triggers recording. A small white LED is meant to signal that the glasses are filming — but it is easily missed on the street, in a café or in a meeting, and can be disabled or covered up.
When a user interacts with Meta AI — asking it a question about what they see — the images and videos are sent to Meta's servers. And there, in the terms of service, a clause that no one reads states that Meta may have this content reviewed by humans:
"We may review your interactions with the AIs, including the content of your conversations or messages directed to the AIs, and this review may be automated or manual (human)." — Meta AI Terms of Service, 2025 · Source: Futurism
In other words: you cannot use the AI features of the glasses without agreeing that your videos may potentially be seen by humans. This is not a configuration flaw. It is a deliberate architecture, buried in a legal document that the vast majority of users will never read.
The people filmed by the glasses — passersby, colleagues, family members, citizens at a meeting — never signed Meta's terms of service. They consented to nothing. Yet it is their faces, their voices and their behaviours that feed the AI models. In Quebec, Law 25 considers these people to be the subjects of the personal information collected — and their consent is mandatory.
Harvard, October 2024: the demonstration that changed everything
Even before the Kenyan scandal, two Harvard students — AnhPhu Nguyen and Caine Ardayfio — had made the problem strikingly concrete. In October 2024, they paired Ray-Ban Meta glasses with the PimEyes facial recognition engine.
The result: within seconds, while walking through the Boston subway, they could identify total strangers and retrieve their name, phone number and address. No sophisticated hacking — only consumer tools available to anyone. Their demonstration video went viral. The goal: to alert the public to what these devices now make possible.
The Boston subway: identifying a stranger in 30 seconds
Nguyen and Ardayfio demonstrated that with smart glasses and an online facial recognition tool, anyone can identify a person in public and obtain their personal contact details — without the target ever suspecting it. Meta responded by pointing to the signalling LED. Privacy advocates retorted: a 2 mm LED in a crowded space is not consent. Source: KultureGeek.
Two years later, Meta is preparing to officially integrate a facial recognition feature called "Name Tag" directly into its Ray-Ban glasses. According to KultureGeek (February 2026), the project is personally backed by Mark Zuckerberg. The Harvard demonstration, which was a warning, could soon become an official feature.
Timeline of a surveillance that is settling in
Two students prove that it is possible to identify anyone on the street by combining Ray-Ban Meta and consumer-grade facial recognition. The video travels around the world.
EssilorLuxottica announces it sold 7 million Ray-Ban Meta in 2025, a 250% increase in one year. Smart glasses go from gadget to mainstream consumer product.
The Swedish press reveals that Sama annotators (Nairobi) were viewing intimate footage captured by Meta glasses. Investigations are opened in Kenya and the United Kingdom.
Meta terminates its contract with Sama. The workers receive six days' notice. A class action is launched. The EFF and digital rights groups denounce an attempt at silencing.
Meta is working to natively integrate facial recognition into its glasses. The regulatory vacuum specifically targeting wearables (Canada, United States) makes this rollout legally possible — but Quebec's Law 25 already imposes clear obligations on organisations that use these tools.
Law 25: is your organisation exposed?
For Quebec municipalities, non-profits and SMEs, these glasses raise concrete and urgent questions — especially in light of Law 25.
Law 25 considers the images of an identifiable person to be personal information. Biometric data — such as a facial profile — is sensitive personal information, subject to enhanced protections (s. 12, 59). Collecting biometric data without explicit consent is a direct violation of Law 25.
A municipal employee wears Ray-Ban Meta glasses during a public meeting to take hands-free notes. They activate Meta AI to transcribe the discussion. The faces of the citizens present are automatically recorded, sent to American servers, and potentially reviewed by human annotators. No citizen consented. Your organisation can be held liable — and face a fine of up to $25M CAD or 4% of worldwide turnover (s. 93 of Law 25).
And don't forget the American CLOUD Act: even if the data passes through servers physically located in Canada, if the provider is a company incorporated under American law (such as Meta), the U.S. government can access it. Law 25 and the CLOUD Act create a direct tension that your organisation cannot ignore — a point already covered in our article on shadow AI.
Five Law 25 obligations that apply to AI wearables right now
What this affair reveals about AI in general
The Meta glasses are not an isolated case. The affair illustrates a systemic problem: the training and improvement of AI models rely on an invisible, underpaid human infrastructure exposed to content that no one had anticipated.
It is not only Meta. OpenAI, Google, Microsoft — all of them rely on human annotation teams in low-labour-cost countries to label the data that trains their models. In most cases, these workers sign drastic confidentiality agreements and have no recourse if they are exposed to traumatic content.
"You'd think that if they knew the scale of the data collection, no one would dare use these glasses." — A Meta data annotator, quoted in the Swedish investigation · Futurism, 2026
The real question this issue raises is not technical. It is ethical and organisational: has your organisation considered what the AI tools it uses — or that its employees use — actually do with the data entrusted to them?
Action plan: what you can do this very week
Five concrete actions that any Quebec organisation — municipality, SME, non-profit — can put in place right now:
Smart glasses, watches, AI headphones, recording badges. What you don't see can still create legal liability.
If you have a policy on cellphones in meetings, it must be extended to smart glasses and other AI devices. Clear posting, uniform enforcement.
Many wear these glasses without understanding what they capture or where the data goes. Awareness is your first line of defence.
The data of your citizens and users enjoys the same protections as that of your clients. Reception areas and council chambers deserve explicit governance.
To assess your specific risks linked to connected objects and wearable AI. This segment is evolving very quickly, and so is your exposure.
Meta is preparing to integrate native facial recognition into its glasses under the name Name Tag. If this rollout goes ahead, the stakes for any Quebec organisation operating in semi-public spaces (reception halls, citizen meetings, events) will become critical. Learn more →
Don't let technology decide for you
Synéra supports Quebec municipalities, SMEs and non-profits with their Law 25 assessment, their AI-tool use policy — including wearables — and the protection of the personal information of their users and employees.
Further reading
- The Next Web — Meta ends Sama contract after Kenyan workers report seeing intimate footage (2026)
- Futurism — Why Meta Is Letting Its Workers Watch Users' Intimate Videos From Ray-Ban Smart Glasses (2026)
- Futurism — Meta Had the Worst Possible Response When Its Workers Were Watching Naked Footage (2026)
- IBTimes Australia — Meta Axes Kenyan Contractors Who Reported Viewing Ray-Ban Meta Sex Footage (2026)
- KultureGeek — Meta va intégrer la reconnaissance faciale sur ses lunettes connectées Ray-Ban (2026)
- hivr.fr — Lunettes connectées et vie privée : les risques qu'on ne dit pas (2026)
- SEQUR — Caméra de surveillance au Québec : ce qui est légal en 2026
- Commission d'accès à l'information du Québec — Loi 25
Synéra packages mentioned in this article
- Synéra Conforme — Law 25 compliance and PIA support
- Synéra Vigile — ongoing monitoring and compliance
- Privacy Officer on demand — outsourced certified officer, from $750/month
Follow the author and Synéra
This article is written for general information and awareness purposes. It does not constitute legal advice. For any question relating to your specific situation, contact Synéra or your legal advisor.