You might want to think twice before you use viral selfie app FaceApp.
The two-year-old app, which lets you alter photos of your face, once again shot to the App Store’s top spot this week after celebs and others began sharing doctored photos of themselves. Like some of Snapchat’s popular face filters, you can change photos of yourself so you appear older or younger, or “swap” genders.
It’s a familiar gimmick at this point – and not one that’s new for FaceApp— but the app has gone viral all the same. It’s currently one of the most downloaded apps for both iOS and Android, as #faceappchallenge posts have taken over social media.
But with the sudden surge in popularity have come new questions about privacy, and whether FaceApp is doing enough to protect users’ data.
Some have questioned why the app, which has been out for years, suddenly went viral all over again seemingly overnight. Others have pointed to the fact that the app requires a data connection, suggesting that might be indicate the app is surreptitiously grabbing users’ photos. (Multiple security researchers have said there is no evidence that the app is sweeping up entire photo libraries.)
And, in some corners of Twitter, people have pointed to the app’s Russian origins — FaceApp is owned by a company, Wireless Lab, that’s based in St. Petersburg — as a sign of something nefarious.
While there’s as yet no evidence to support these claims, some other concerns are less far fetched.
In a post-Cambridge Analytica world, in which thousands of people had their personal data misused because of a seemingly innocuous personality quiz, people are rightfully wary of the numerous ways their data could be accessed or exposed by an app developer.
And we don’t need to look far to find examples of photo apps taking their users’ photos for uses far beyond what’s required for their own apps.
Earlier this year, NBC reported that Ever, a popular photo storage app, was using its users’ photos to train facial recognition software it then sold to law enforcement. IBM was also found to be using Flickr photos to train facial recognition applications without permission from those in the photos. And last year, PopSugar’s viral “twinning” app inadvertently leaked data.
And though it states that “we will not rent or sell your information to third parties outside FaceApp,” it explicitly says that it shares information with “third-party advertising partners,” in order to deliver targeted ads.
It also doesn’t help that FaceApp doesn’t exactly have the best track record. The app was widely criticized for “racist” selfie filters that lightened users’ skin tones in 2017, soon after it launched. A few months later, the app sparked even more outrage when it unveiled a series of “ethnicity change” filters.
If anything, the latest controversy about the app’s privacy practices is a sign that we might finally be starting to learn from Cambridge Analytica and so many other data privacy nightmares. Yes, the viral app of the moment might be irresistible, but there are reasons to think twice before giving up access to your information.