When Fortune employees moved into a new office building in Manhattan a few months ago, we had the option to sign up for facial recognition scanning. This meant we could access the premises without showing an authorized ID badge.

I ruminated on the convenience for some time. Imagine: No more pausing at the turnstile. No more fumbling around in your pockets. No more accidentally forgetting your ID badge at home. Simply flash a smile at a little camera and—presto—you’re in. What a dream come true!

Naturally, I declined the option.

If you’re a regular reader of this newsletter, then you won’t be surprised to learn that my privacy concerns got the best of me. As I enter the building each day, I am reminded of my decision to opt out while colleagues zip past me, unencumbered.

My major hangup: No one told me how or where this digital representation of my face would be stored. Would it be encrypted? Who would have access to the database? Could I delete my data at will? The paucity of answers made me too uncomfortable.

Facial recognition technologies everywhere are contentious. They’re proliferating at an astounding pace in China, where companies are increasingly shaping international standards on facial recognition technology. At the start of the month, the Chinese government enacted a new law that mandates all mobile phone users in the country to scan their faces. Face-scanning has become such an important tool for the Communist Party that Chinese scientists are now reverse-engineering people’s faces from DNA samples in an attempt that could benefit government surveillance.

In the U.S., the pace moves slower. A proposal by the Department of Homeland Security that would require all travelers to submit to face scans has met ample resistance. Portland, Ore., is floating legislation that would outright ban face-scanning by government agencies and private companies alike. (Somerville, Mass., along with San Francisco, Oakland, and Berkeley, Calif., already prohibit government agencies, including police departments, from using the tech.)

Don’t get me wrong. Face-scanning has its advantages. Namely, that sweet, sweet ease of use. But at work, I’m not ready to embrace a technology that raises so many unanswered questions—even if I find the prospect of permanently removing a bothersome card from my wallet appealing.

If I lose my ID badge, I can get a new one. But I have only one face.

Robert Hackett

Twitter: @rhhackett

Email: robert.hackett@fortune.com

This Cyber Wednesday edition of Data Sheet was curated by Robert Hackett.

THREATS

Can't we all just get along? Senate Republicans are prepared to support a federal privacy bill to ward off a morass of conflicting state laws. They're partly seeking to preempt a stringent California privacy bill, which goes into effect on January 1st, with rules for implementation in the following months. Democrats and Republicans must reach common ground on data-use disclosures, opt-in consent requirements, and the ability for individuals to sue violators. 

Pleasing the app-aratchiks. Vladimir Putin signed into law on Monday a bill requiring various electronic devices sold in the country, such as computers, smartphones, and smart TVs, to come pre-installed with government-mandated Russian apps. The law is set to go into effect on July 1st of next year. Ironically, a day later, a Kremlin spokesperson responded to the FBI labeling the Russian app FaceApp "a potential counterintelligence threat" by saying the U.S. can't stop free market competition. 

Give the gift of scamming. More and more, con artists are scamming people into buying them thousands of dollars worth of gift cards. (I'm sure you've gotten the emails and phone calls too.) Such prepaid cards are useful because they allow scammers to make immediate, anonymous purchases that are difficult to reverse. According to the Federal Trade Commission, a third of the people who reported losing money to a scam through the third quarter of the year said they used gift cards or reloadable cards as payments, up from just 7% in 2015, the Wall Street Journal notes.

In the birdhouse. Twitter debuted an online "privacy center," a centralized resource for people to check up on the service's privacy and data protection information. The website has dedicated areas for the EU's General Data Protection Regulation, the California Consumer Privacy Act, and other pieces of legislation.

Step aside Cyber Monday, it's Cyber Wednesday.

ACCESS GRANTED

Earlier this year, a Swiss-Italian company called InTheCyber bought a controlling stake in Hacking Team, a controversial—and in 2015, thoroughly breached—hacking tool-seller. The two combined to become Memento Labs. The new owner, Paolo Lezzi, is attempting to revive the disgraced business, whose products have been found to target human rights activists and journalists. MIT Technology Review takes a look at Lezzi's uphill battle to rehabilitate the company. 

I met Lezzi last week at a high-tech defense and military trade show in Paris. It’s been just under one year since he bought Hacking Team, changed the name, combined it with his own company, and set about the task of bringing the once mighty business back from the dead.

My first question was an obvious one for the head of a spyware company linked to repressive regimes. “How do you make sure there is no abuse?” I asked.

Lezzi inhaled slowly as he considered the question. He looked up and pointed to a display of machine guns just a few feet away from where we spoke. “Why does everyone ask us this question, but no one asks them that question?” he said, raising his eyebrows.

FORTUNE RECON

Google Employees Fired Amid Activism Plan Federal Labor Complaint by Mark Bergen and Josh Eidelson

Why IBM Is Joining the Corporate Chorus Calling for a Carbon Tax by Katherine Dunn

Budweiser Wants to Brew Beer in Space for Mars Colonists by Chris Morris

The iPhone App of the Year Gives Your Camera a Long Exposure Boost by Don Reisinger

Arguing About Artificial Intelligence Killing Jobs by Jonathan Vanian

Russia’s FaceApp Is a “Counterintelligence Threat” by Lucinda Shen

New Jersey Exemplifies the Long, Confusing Road Ahead to Legislate the Gig Economy by Nicole Goodkind

Elon Musk’s ‘Pedo Guy’ Trial Starts Today—and He Will Be One of the First Witnesses Called by Brian Melley

Apple’s Crimea Map Switch Opens Up Bigger Issue of ‘Being Played’ By Putin, Critics Say by Alyssa Newcomb

ONE MORE THING

Ever wonder how Facebook gets people to view its advertisements? Dylan Paulus, a developer at power systems maker Schweitzer Engineering Laboratories, reveals some of the tricks the media giant employs to defeat would-be ad blockers. Top among them: Fattening up "sponsored" tags with invisible random characters to confuse blocker scripts. Zuck, you cheeky monkey, you.