Concerns are being raised about the viral app FaceApp due to the power consumers give the Russia-based company that developed it to use their pictures and names in any way the company wants and at any time.
“And we thought we learned a lesson from Cambridge Analytica,” Forbes contributor John Koetsier wrote, referring to the Facebook scandal in which users’ information was accessed without their knowledge.
“Consumers just think it’s fun and blindly share,” Robert Siciliano, a security awareness expert at Safr.Me, told MarketWatch.
He noted that the app takes data from users. To date, the app has more than 150 million users.
“There has been a lot of worry regarding Russian-based companies whose hands are being forced by the Russian government [when] they require a backdoor access to the companies’ data and servers,” Siciliano said.
That’s a concern, Siciliano said.
“Any app gathering data points that could lead to facial recognition should be of concern especially when it’s being used by government agencies, foreign companies or foreign intelligence,” he told MarketWatch.
Koetsier said the terms of service, often skimmed by users, show what anyone using the app is actually committing to.
“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you,” the terms read.
“When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public.”
So what does that mean?
“You might end up on a billboard somewhere in Moscow, but your face will most likely end up training some AI facial-recognition algorithm,” Peter Kostadinov of PhoneArena wrote.
Koetsier warned consumers that data is not always collected for purposes users might be fine with, and “that the data collected is not always stored securely, safely, privately. Once something is uploaded to the cloud, you’ve lost control whether or not you’ve given away legal license to your content.”
That could include a lot.
“To make FaceApp actually work, you have to give it permissions to access your photos — ALL of them. But it also gains access to Siri and Search. …. Oh, and it has access to refreshing in the background — so even when you are not using it, it is using you,” Rob La Gesse, a former Rackspace manager, said, according to Forbes.
FaceApp founder Yaroslav Goncahrov tried to downplay concerns.
“We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud,” Goncharov told Forbes. He said data is not transferred to Russia.
“We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date,” he said.
“We don’t sell or share any user data with any third parties,” Goncharov added.
Truth and Accuracy
We are committed to truth and accuracy in all of our journalism. Read our editorial standards.