Senate Minority Leader Chuck Schumer announced recently on Twitter the “need” for a federal investigation into the popular Russia-based image-editing technology for smartphones called “FaceApp.”
“BIG: Share if you used #FaceApp: The FBI and FTC must look into the national security and privacy risks now because millions of Americans have used it; it’s owned by a Russian company; and users are required to provide full, irrevocable access to their personal photos and data,” Schumer said in his tweet.
FaceApp allows users to morph an uploaded photo to make the subject appear older, younger, or even a different gender or ethnicity.
FaceApp’s terms and conditions state:
You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sublicensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.
Yaroslav Goncharov, a chief executive at Wireless Lab, started developing FaceApp in 2014 after spending time as a technical lead at Microsoft in Redmond, Washington.
“Goncharov told the Moscow publication Afisha.ru in 2017 that he was inspired during his time at Microsoft to design FaceApp, by applying the latest in artificial-intelligence and machine-learning techniques to the mass processing of digital photos,” The Washington Post reported.
David Inserra, a policy analyst who focuses on homeland security and cyber policy at The Heritage Foundation’s Douglas and Sarah Allison Center for Foreign Policy, isn’t alarmed.
“While your data has the potential to be used in a way you might not like, it’s not significantly more likely than all of the other ways in which your data is currently shared, used, or sold,” he told The Daily Signal.
CNN reported that while the company is established in St. Petersburg, Russia, they “do not have known ties to the Russian government, and the company denies sharing or selling data with third parties.”
In a statement to TechCrunch, the designers of FaceApp said that “even though the core R&D team is located in Russia, the user data is not transferred to Russia.” They added that “most images are deleted from our servers within 48 hours from the upload date.”
Goncharov also told the Post that “FaceApp photos are stored on servers run by U.S. tech giants Amazon and Google.”
However, Geoffrey Fowler, a technology columnist and analyst at the Post, found “data flowing to the third-party Facebook and Google trackers that many apps use for online ads, and FaceApp’s privacy terms state the company can save a user’s uploaded photos and other data, even if a user decides to delete them.”
“If people are concerned with how broadly their information can be shared or used, it’s definitely incumbent upon the users to think,” Inserra said. “I know no one wants to read those terms and conditions, but the reality is your data, for better or for worse, is sold across the tech world today. Most of these are free products, so you’re paying in a different form of currency.”