Russian-Owned FaceApp That Ages Your Photos Raises Privacy Concerns
Millions of people, including many celebrities, are using the Russian-owned FaceApp application to digitally alter their photos, making them appear decades older than they really are.
FaceApp has been downloaded millions of times and as of Wednesday, it was the top trending free app in Apple’s App Store.
Experts are now warning about security concerns and how your information is being used by the popular app owned by Wireless Lab based in St. Petersburg, Russia.
According to Cyber Defense League CEO Lou Rabon, “We should be worried…people have to be concerned about their privacy.”
Rabon sat down with CBSLA and explained that just because the app is coming from Russia, doesn’t necessarily mean it’s dangerous, “but it means that we have less control.”
- User Content (e.g., photos and other materials) that you post through the Service.
- Cookies and similar technologies like pixels, web beacons, and local storage to collect information about how you use FaceApp
- Measure traffic and usage trends for the Service
- Ask advertisers or other partners to serve ads or services to your devices
- Automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, and other such information
- Small data files or similar data structures stored on or associated with your mobile device
Even after users delete the app, FaceApp can still store and use information collected, according to the privacy terms.
“1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.
2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.
3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.
4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.
5. We don’t sell or share any user data with any third parties.
6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.
Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos. We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.”
While there are concerns over the safety of personal information being shared through the app, other platforms like Facebook and Instagram have been under fire for similar concerns in the past.
“As consumers, if we’re going online and putting our pictures or our personal information, we have less control if they’re located out of the country,” said Rabon. “The laws here in the U.S. are not very strong either, so we would need stronger privacy laws to take advantage of giving some recourse to consumers if their information is not used correctly.”
There are certain ways to protect yourself when it comes to sharing personal information like removing any metadata from your pictures like location information.
“You can’t trust what the companies are doing, consumers really have to hold them to task,” Rabon said.