Yesterday I was sitting at a coffee counter waiting on a matcha latte when the guy next to me shifted in his seat. He had AirPods in -- nothing unusual. But knowing what I know about where this product line is headed, I found myself wondering: what will that thing actually be picking up soon? That thought stuck with me. It should stick with you too. AirPods biometric privacy is not a distant concern. It is moving down the product pipeline with a fall 2026 launch window (now 2027, I believe) attached to it.
What the Rumors Are Saying
Apple is widely expected to release a version of the AirPods Pro -- possibly branded AirPods Ultra -- with built-in infrared cameras in the stems. Multiple credible sources including analyst Ming-Chi Kuo and Bloomberg's Mark Gurman have reported the cameras are in advanced development. All credible reports point to infrared sensors rather than traditional cameras, though Apple has confirmed nothing. The stated purpose: feed environmental visual data to Apple Intelligence and Siri, enabling hands-free Visual Intelligence queries without needing to point your iPhone at something.
These will not take photos. They will not record video. Apple has been clear about that, and most coverage has taken the bait -- focusing energy on what the cameras will not do rather than what they will.
Meet the Budholes
When Google Glass landed in 2013, the public coined a term for people wearing them in inappropriate contexts: glassholes. The pushback was visceral because the device was visible. People knew when they were potentially being recorded. They could see the camera. They could say something.
AirPods with infrared cameras present a different problem entirely. Nobody looks at someone with AirPods and thinks surveillance hardware. The form factor is invisible by design -- not intentionally deceptive perhaps, but invisible nonetheless. So a new term is needed: budholes. Because the potential for intrusive, unconsented data capture does not disappear just because the hardware fits in your ear.
The LED Tells You Everything You Need to Know
Apple plans to include a small LED indicator on each earbud that activates when the cameras are sending visual data. This detail has been reported by Bloomberg and confirmed across multiple sources.
Think about what that LED implies. Apple did not add it for fun. They added it because they know -- and their legal team definitely knows -- that operating a sensor capable of capturing biometric data in public spaces without any visible signal creates serious liability exposure. The LED is not a privacy feature. It is a liability hedge.
Now consider how visible that LED will actually be. It sits on an earbud stem, at ear level, facing away from the wearer. You would need to be at exactly the right angle in reasonable lighting to catch it. And here is the thing -- nobody is looking at another person's ears. When you talk to someone, you look at their eyes, their face. That is basic social courtesy. Possibly that person is wearing smartglasses from that other company with its own LED to watch out for. The LED Apple is banking on as a privacy signal sits in a spot almost nobody will ever think to check.
You Are Worried About the Wrong Thing
The public conversation about camera-equipped AirPods has centered on photos and video. Will Apple use these to record people? The answer is almost certainly no, and that framing is doing Apple a quiet favor.
Near-infrared sensors do not need to capture a photo to capture something that matters. NIR cameras read facial geometry -- the spatial relationships between features that make your face uniquely yours. That geometric data is precisely what constitutes biometric information under the laws that exist to protect you. BIPA in Illinois defines biometric identifiers as including facial geometry. GDPR explicitly covers biometric data used for identification purposes. California's CPRA includes it as sensitive personal information. Texas takes it further -- CUBI has been on the books since 2009 and carries penalties of up to $25,000 per violation, and the state has quietly secured more biometric privacy settlements than any other jurisdiction in the country.
Apple saying these cameras do not take photos is accurate. It is also strategically convenient. Facial geometry capture does not require a JPEG. The capture is the problem, not the format.
Biometric Data Without the Label
If an infrared sensor in an AirPod stem maps the facial geometry of someone standing nearby and that data is processed -- even momentarily, even without storage -- the question of whether a biometric law has been triggered is not settled by Apple's product description. It is settled by what the sensor actually did.
BIPA requires informed written consent before a private entity collects biometric identifiers. It does not include an exception for unintentional capture. It does not include an exception for useful features. A bystander in a coffee shop who never agreed to anything is not outside the scope of that law just because Apple's marketing team called the device a pair of earbuds.
Laws Exist -- But They Were Not Written for This
BIPA, GDPR, CUBI and CPRA represent the strongest existing frameworks for biometric privacy protection. They matter. They have teeth. BIPA in particular has generated significant litigation and real penalties.
But these laws were written in a world where biometric capture required an obvious device pointed at you by someone making a deliberate choice. A phone. A camera. A kiosk. AI is now pushing biometric-capable sensors into earbuds, glasses, pendants, and eventually things nobody has named yet. The legal frameworks are not keeping pace, and the gap between what technology can do and what the law actually covers is where privacy goes to die.
The answer is not to abandon the existing laws -- it is to strengthen and extend them explicitly to cover passive, incidental, and ambient biometric capture by AI-enabled wearables. That legislative work is not happening fast enough.
Designing for the Exception
Apple's accessibility argument for camera-equipped AirPods is real. VoiceOver is a genuine use case. A blind user who can ask Siri what is in front of them without holding up a phone is a meaningful improvement in quality of life.
That use case does not justify the architecture required to deliver it to everyone. Accessibility is a design requirement, not a privacy waiver. If the goal is helping VoiceOver users identify objects in their environment, Apple can engineer explicit activation windows, confirmed non-retention of processed data, and consent-aware proximity detection. The passive always-on scanning approach is a product choice, not a technical necessity.
Designing for the exception does not license surveilling the majority.
If Not Apple, Then Someone Else
Apple has a better privacy track record than most of its competitors. That is true, not gobbledygook. But, if Apple ships camera-equipped AirPods with a thoughtful privacy architecture and still creates the exposure described above, consider what happens when the next company down the list ships the same hardware with none of that.
AI is being crammed into every product category with or without a coherent reason. Earbuds, glasses, rings, watches, pendants. The pressure to differentiate on AI features is not going away. Someone will ship this hardware with weaker safeguards, a smaller LED, and a privacy policy designed by lawyers whose job is minimizing liability rather than protecting users.
The time to establish the standard is now, before the category normalizes.
The Consent Gap Is the Whole Argument
When you set up Face ID, you consent. You point your own device at your own face and opt into a transaction where your facial geometry is captured, stored locally in the Secure Enclave, and used only to authenticate you. You are a party to that agreement. You can revoke it.
When someone wearing AirPods with infrared cameras stands near you in a public space, you have consented to nothing. You are not a party to any agreement. You may miss that the cameras are active. You cannot revoke access you never granted. Your facial geometry may be processed by hardware you never chose to interact with, on behalf of a user whose privacy settings you have no visibility into.
That is not a minor distinction. That is the entire argument. Consent is the hinge, and without it the capture itself is the violation -- regardless of what happens to the data afterward.
Pay Attention to This Product Cycle
Whether Apple ships camera-equipped AirPods in fall 2026 or delays further, this technology is coming. The research is too far along, the competitive pressure is too real, and the integration with Apple Intelligence is too valuable to walk away from.
Watch what Apple says about data retention for visual queries. Watch whether the LED specification changes between announcement and shipping hardware. Watch whether BIPA or GDPR regulators signal any interest in this category before launch. And watch who follows Apple into this space, because the less privacy-conscious competitors are already taking notes.
Smart glasses got the public conversation. Budholes deserve the same scrutiny -- and probably more, because you will never see them coming.
Smart glasses started this conversation. Budholes are about to take it further.