Home Created by potrace 1.16, written by Peter Selinger 2001-2019News Created by potrace 1.16, written by Peter Selinger 2001-2019India Created by potrace 1.16, written by Peter Selinger 2001-2019Can FaceApp Sell Our Pics, Monitor Our Browser? Licence Says Yes

Can FaceApp Sell Our Pics, Monitor Our Browser? Licence Says Yes

FaceApp Privacy Policy states that it collects information about our browsing history. Why though? 

Sushovan Sircar
India
Updated:
FaceApp Founder & CEO Yaroslav Gonsharov has denied such charges. 
i
FaceApp Founder & CEO Yaroslav Gonsharov has denied such charges. 
(Photo: Arnica Kala/ The Quint)

advertisement

Editor: Varun Sharma
Camera: Abhishek Ranjan

Amidst a collective cheer among the global youth upon discovering what they’ll look like at 80, the now viral FaceApp has found itself charged with allegations about violating privacy of its users.

Let’s ‘face’ it. None of us ever read the ‘Terms & Conditions’ or ‘Privacy Policy’.

At a time when protests against facial recognition systems are gathering momentum worldwide, concerns with the face-editing app arise regarding how it stores, processes, shares images of our faces as well as other data we generate.

The Quint went through the Privacy Policy and the Terms of Use of FaceApp and found many sections that raise major questions including about the app collecting our browsing history.

FaceApp Founder and CEO Yaroslav Goncharov, in response to The Quint’s queries, said “we don’t sell or share any user data with any third parties.” In a detailed reply, the Goncharov also stated, “We accept requests from users for removing all their data from our servers.”

For those who love the app and have had their faces turned older or younger, the questions is – what’s the issue with this seemingly harmless fun?

While there is no denying the ‘fun’ part of the app, to understand the issue of harm, it is wise to take a step back and consider what the app does with our facial images and data.

Also ReadArjun Kapoor to Jonas Bros, Celebs Take the Face App Challenge

FaceApp is So Much Fun, What’s the Problem ?

Security researcher, who goes by the pseudonym Elliot Alderson on Twitter, provides the short answer. “Once the photo is uploaded it's not yours anymore,” Alderson told The Quint.

Be it FaceApp, or other similar apps like Snapchat, that deploy artificial intelligence to apply filters to images of our faces, there are a number of legitimate privacy concerns that arise from what these apps are doing with the data we provide to them.

The major privacy questions with FaceApp app are of two kinds:

  1. What is it doing with millions of face images it is gathering?
  2. What is it doing with other data – much of which is personally identifiable.

To find an answer to these questions, let’s take a look at what the app’s Terms of Use and Privacy Policy reveal in their fine print. We’ll also compare them to what app founder Goncharov had to say.

(Photo Courtesy: Yaroslav Goncharov/GitHub)

FaceApp’s Terms of Use

Section 5 of FaceApp’s Terms of Use – “User Content” – states that it does not claim ownership over any of the images but appears to be wresting control of substantial rights over our images.

(Photo: FaceApp/Screenshot) 

FaceApp claims that by using the app, the user grants a “perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license...

A license for what exactly?

...to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.
FaceApp Terms of Use, Section 5 

The next paragraph of Section 5 contains two important sentences:

  • You grant FaceApp consent to use the User Content, regardless of whether it includes an individual’s name, likeness, voice or persona, sufficient to indicate the individual’s identity.
  • By using the Services, you agree that the User Content may be used for commercial purposes.

Let’s pause and examine what these sentences imply.

The section claims that the app has the authority to use our images for commercial purposes. This means that it can share, sell, process the ‘content’ or images and other metadata we provide to it in order to generate revenue.

WHAT FOUNDER & CEO GONCHAROV SAID

Apart from claiming that they do not sell our data to third-parties, contrary to what the terms of use say, Goncharov also stated that they do not have access to data that can personally identify the user.

All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.
Yaroslav Goncharov, Founder & CEO, FaceApp

This is a good point to explore the question of whether and how the app can indeed establish the identity the user:

ADVERTISEMENT
ADVERTISEMENT

FaceApp’s Privacy Policy

Can the app establish the identity of the user?

Yes, because the Privacy Policy explicitly states that it collects information from “cookies, log files, device identifiers, location data, and usage data.” These are all personally identifiable information.

The section also appears to be contradicting itself.

For example, under Section 3 – “Sharing Your Information” – the app states, “We will not rent or sell your information to third parties outside FaceApp (or the group of companies of which FaceApp is a part) without your consent...”

But the same section also states:

We also may share your information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the Service to you (“Service Providers”).
FaceApp Privacy Policy, Section 3
(Photo: FaceApp/Privacy Policy)

This is precisely what Alderson warns users against. “People should be careful with their personal data. If you upload a picture of your face to a random app you don't know how the company behind the app will use it,” Alderson told The Quint.

Uploading & Processing Images in the Cloud

It is important to note that the Privacy Policy under Section 4 – “Storage and Processing” – does not explicitly state that the images are processed in the cloud servers and not on-device.

However, in response to The Quint’s queries, Goranchov responded that “FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.”

Dismissing a viral tweet from Wednesday, which claimed that the app had access to the entire photo library in our smartphones, Goranchov stated that “this is not true. We only can access a photo user specifically selected for editing.” He also added:

“Most images are deleted from our servers within 48 hours from the upload date.”
Yaroslav Goncharov, Founder & CEO, FaceApp

So, What Should We Do Now?

To be fair, FaceApp’s terms and conditions are standard for most apps we download. Snapchat has almost identical provisions but has elicited little attention towards its privacy policies.

A few things to keep in mind are explicitly providing consent by opting in for features and services. Sometimes features are set as opt-in by default and it is important to opt out of them if we do not want them.

Moreover, it is important to not provide access to camera, contacts, messages or call logs if they are not essential to the app’s core functions.

While FaceApp, indeed is great fun, it is prudent to remember that free apps come at a cost. Be it Facebook, Snapchat or FaceApp, they all use our data as a revenue source. The cost, therefore, is often one’s data privacy.
Also ReadGovt Planning Facial Recognition System; Raises Privacy Concerns

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: 18 Jul 2019,11:09 AM IST

ADVERTISEMENT
SCROLL FOR NEXT