[Reading time - 4 minutes 22 seconds]
These are a handful of the headlines that have appeared in the past two days over FaceApp. Just as the app became viral overnight (1.7 million Android users give it a 4.4 rating while 800,000 Apple iTunes users give it a much higher 4.8), so too has the hype over its privacy. And now the Senate Minority Leader has called for a federal investigation into FaceApp, saying the Russian-operated mobile application "could pose national security and privacy risks for millions of US citizens."
So, can you trust FaceApp?
FaceApp has been around since 2017. Users can upload a photo that is then adjusted using artificial intelligence (AI) to see how they would look 20 years from now. Interestingly, a comparison was done that took photos of selected celebrities in their younger years, submitted these photos to FaceApp, and then compared the FaceApp results with how they actually look today. The results? A mixed bag: some are spot-on, while others are, well, not so much.
However, FaceApp is more than just peering off into the future. When it first appeared, FaceApp had "ethnicity filters" that tried to change the faces of one ethnicity into another. However, as you might expect, an outcry over this feature caused it to be quickly dropped. FaceApp can also turn a face with a sad, mad, or even blank expression into a smiling face. It can even work on painted portraits.
What is the FaceApp uproar about? No, it's not that FaceApp shows that I will look terrible in 2039. The main concerns are
Here's what we know so far. We'll rate each concern from 1-5 (1=Don't lose sleep over it; 5=Run from FaceApp like your hair is on fire).
Although an app developer tweeted that FaceApp was uploading all of the photos from smartphones without asking permission, that's false. Only the user-submitted photo is uploaded to FaceApp and nothing else. (Concern #1 = 1)
The reason why FaceApp is uploading the photos to its servers is likely due to concerns over their own privacy. If the app on the smartphone did all the work, then a competitor could see what the app does and try to "reverse engineer" the algorithm to then put it into their own competing app. Besides the risk of a competitor stealing the underlying intellectual property, it's likely that doing the conversion all on a smartphone would take more time and battery power. So, uploading to a server is the natural solution (Concern #2 = 1).
How FaceApp will use the photos is really anybody's guess. Here's what the FaceApp terms of usage says:
“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.”
If that sounds draconian, compare it with Facebook's Terms of Service:
"Specifically, when you share, post, or upload content that is covered by intellectual property rights (like photos or videos) on or in connection with our Products, you grant us a non-exclusive, transferable, sub-licensable, royalty-free, and worldwide license to host, use, distribute, modify, run, copy, publicly perform or display, translate, and create derivative works of your content (consistent with your privacy and application settings). This means, for example, that if you share a photo on Facebook, you give us permission to store, copy, and share it with others (again, consistent with your settings) such as service providers that support our service or other Facebook Products you use."
Or consider Twitter's Terms of Service:
"By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods (now known or later developed). This license authorizes us to make your Content available to the rest of the world and to let others do the same. You agree that this license includes the right for Twitter to provide, promote, and improve the Services and to make Content submitted to or through the Services available to other companies, organizations or individuals for the syndication, broadcast, distribution, promotion or publication of such Content on other media and services, subject to our terms and conditions for such Content use. Such additional uses by Twitter, or other companies, organizations or individuals, may be made with no compensation paid to you with respect to the Content that you submit, post, transmit or otherwise make available through the Services."
(By the way, you did read those when you signed up for these services, right?)
They all sound pretty much the same to me.
FaceApp is probably using the original and altered photos to train their AI systems to recognize people and learn how humans age. (Concern #3 = 1 if you compare it with other Terms of Service but = 5 if you really stop and think about it).
Finally, photos are not uploaded and stored on servers in Russia. Rather, FaceApp uses cloud services hosted by the Amazon and Google, whose servers are scattered around the world. (Concern #4 = 2).
According to FaceApp, they don't sell or share user data with third parties and it only stores photos temporarily to optimize "performance and traffic" by ensuring that the user doesn't upload the same photo repeatedly for every editing operation. They also say that "most" images are deleted from their servers within 48 hours. FaceApp will manually delete uploaded photos (send the request from the FaceApp mobile app using Settings | Support | Report a bug with the word "privacy" in the subject line, according to FaceApp).
What are the lessons to be learned? First, maybe it's best not to jump into every "viral craze" that asks you to hand over your data, including photos. Second, we probably need to be just as concerned about Facebook, Twitter, and other social networks as we are with FaceApp.
In other words, perhaps the question should not be, "Can we trust FaceApp?" but instead should be "Can we trust any social network?"
If you think the answer is "No" then maybe it's time for a change.
(Thanks to Michele McTighe and her team for the suggestion about FaceApp)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.