The Viral FaceApp Showcases Privacy Issues

The infamous FaceApp challenge.

People showing their 30 years in future faces might be fun; but ever noticed the amount of data you’re sharing with unknown Russians?

Yes, That’s right. What started 2 years ago y a Russian company –  FaceApp has returned raising privacy related concerns.

What is the FaceApp Challenge?

FaceApp launched on iOS in January 2017, and hit Android in February of the same year. It’s free, but has had its fair share of controversies. Firstly being accused of being racist, and secondly over privacy concerns.

But it does a great job of making you look old.
With that being said, Twitter, Facebook, Instagram, etc. are filled with all these FaceApp Challenge related photos.

The FaceApp #AgeChallenge, also tagged as the #FaceAppChallenge; involves using FaceApp to augment your own or someone else’s face to look old. The app lets you pick a photo from your gallery; and with the help of AI mercilessly edit it with one of its filters. You can add a new hairstyle, force someone to smile, and two years ago, change their skin tone.

faceapp

FaceApp Privacy Concerns?

FaceApp’s terms of service includes the following:

You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.

We are not alleging that FaceApp developers intend to sell your photos or have any malicious intent. But the wording of the terms and conditions for using the app are definitely a concern. There is nothing to stop the app developers from selling your photo to another party or set of parties.

Basically, this Russian company has the right to do whatever it is they want to do with their photos; if they wish to, and you cannot revoke this right. You can’t simply delete your profile from the app as an opt-out method. Once your photos and selfies are on the FaceApp servers, you’ve lost the right to govern them. Even though you own them, at least on paper.

No wonder then that regulators in the US are asking the FBI and the FTC to conduct a federal national security & privacy investigation into the Russia-based company that runs FaceApp.

And in this case, we were. We’ve known that FaceApp is controversial for some time now. We know that facial recognition is troubling and that deepfake technology can be used to create stunningly realistic videos of a person using nothing more than a single image of their face.


More Insight –

Another Blow to Data Privacy, This Time its Twitter

How to Improve Privacy in Android Phones?


Where are your Photos going?

Theoretically, FaceApp could process these photos on the device itself, but Yaroslav Goncharov, an ex-Yandex exec and CEO of the Russian company that created the app, previously told The Verge that photos uploaded to the app are stored on the company’s servers to save bandwidth if several filters are applied, and that they get deleted not long after. In a statement to TechCrunch, FaceApp said it accepts requests from users to remove their data from its servers. The team is currently “overloaded,” but users can send the request through Setting>Support>Report a bug with the word “privacy” in the subject line.

Of course, we don’t know if FaceApp actually deletes the photo data; but it’s worth remembering that we upload photos of our faces to companies’ servers all the time.

The company responded with it’s statement; starting off with all the complaints they’ve been receiving.

“We are receiving a lot of inquiries regarding our privacy policy and therefore, would like to provide a few points that explain the basics:..”

FaceApp’s Complete Statement –

1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.

2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.

3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.

4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.

5. We don’t sell or share any user data with any third parties.

6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.

Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos (for example, https://twitter.com/joshuanozzi/status/1150961777548701696).  We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.

Leave a comment

Your email address will not be published. Required fields are marked *

Navaneetha Suresh

Navaneetha Suresh

Navaneetha, commonly known as "nav", loves to read, play badminton, play the keyboard and sing but when she's not doing any of those, she loves to write. What started as a high school hobby to write is now her ongoing passion.

Ask us,
learn more

Share your Feedback/Query with us and our team will get in touch with you within 2 business Days.

tell us a bit more.