Adrian Dimakis
In 2017, an app that changed the way people looked went viral.
FaceApp allowed users to peer into a crystal ball of sorts, to check out what they would look like younger, older, and as a member of the opposite sex. There’s even a filter for skin color, but that hasn’t gained a lot of traction, for self-evident reasons. Released for both Android and iOS, the app has around 150 million users.
This year has seen a renewed uptick in people wanting to peer into that same crystal ball. In the #AgeChallenge, FaceApp’s newest age filter lets users glimpse what they would look like 30-40 years in the future. Want to see what you’ll look like as a senior citizen? Upload your photo using FaceApp and let their algorithms predict if you’ll age well.
Developed by Russian firm Wireless Lab based in St. Petersburg, new users have downloaded the app 12.7 million after the challenge went viral.
And here lies the problem.
Have you read the Terms and Conditions?
Probably not.
Most people don’t even bother reading the fine print. It seems the norm is to download an app and use it with reckless abandon, regardless of what “permissions” the said app asks the user. FaceAppp may seem like a harmless face-altering lark of an app, but their privacy policy paints a different picture.
Here’s an excerpt from FaceApp’s Terms of Use policy:
“you grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you”.
The gist of it is that once you download and use FaceApp, the Russian company behind it owns your behind. Wireless Lab has exclusive rights to do whatever it sees fit with your uploaded photos. While the company says that editing happens in the cloud and all photos get deleted after 48 hours, there’s no way to confirm this.
Want to know the worst part? The rights you surrender is irrevocable. You can’t delete your profile from the app and expect Wireless Lab to stop using your content without your consent.
Are You Scared yet?
Any company, foreign or domestic that has permanent rights to your name and likeness should scare your socks off. It isn’t right that users don’t own their images online, just because a company offers a free service (hello, Facebook). Companies should not force users to surrender their right to privacy.
Here’s more:
“FaceApp, its Affiliates, or Service Providers may transfer information that we collect about you, including personal information across borders and from your country or jurisdiction to other countries or jurisdictions around the world. If you are located in the European Union or other regions with laws governing data collection and use that may differ from U.S. law, please note that we may transfer information, including personal information, to a country and jurisdiction that does not have the same data protection laws as your jurisdiction.”
Come on; this can’t be serious, right? Living in a country with strict data protection laws can’t protect you anymore? Companies with Terms of Use policies such as this can transfer your personal information to a country with lax data privacy laws. Moving personal data across borders opens up avenues for identity theft and fraud.
Identity theft has been a growing problem in the United States for some time now. An estimated 13 million Americans have their identities stolen each year. Data sent to other countries with poor infrastructure and enforcement poses a real risk to your personal information.
Does All This Sound Familiar?
If FaceApp’s policies sound familiar, it’s because another company with a similar name uses much of the same thing. Facebook is notorious for exploiting user privacy and was recently levied a massive $5-billion fine by the FTC. Although Facebook has taken steps to grant users more control over their data, policies like these remain in place.
Going back to FaceApp, the developer states that they store and access your browsing history and location data:
“We use third-party analytics tools to help us measure traffic and usage trends for the Service. These tools collect information sent by your device or our Service, including the web pages you visit, add-ons, and other information that assists us in improving the Service. We collect and use this analytics information with analytics information from other Users so that it cannot reasonably be used to identify any particular individual User.” This data won’t be shared with any other entities outside FaceApp, but could be used by “businesses that are legally part of the same group of companies that FaceApp is part of.”
Why would a face manipulation app need a user’s location and web page history? This grey area is a misrepresentation of “analytics” and “improving the service.” Apps do not need and should not get this level of permissions.
Protecting Your Personal Data
If you haven’t used FaceApp yet, walk away from it now. Their Terms of Use and Privacy Policy should give you pause. If you’ve downloaded and used the app, stop using it, and delete the app from your device. You can clean your phone by removing any folders associated with the app or doing a factory reset if you’re paranoid.
You can protect yourself in the future by being wary of downloading and using apps that ask for too many permissions. If an app that shouldn’t have any business reading your contacts requests for it, delete the app immediately. Always read the product’s Terms of Use and Privacy Policy, no matter how boring or tedious. If the terms are shady or sketchy, nuke the app from your phone.
