Another threat in the form of FaceApp

Debate on data security while using mobile application FaceApp has taken over social networks and media around the world.

FaceApp was created in 2017 by Yaroslav Goncharov in Russia. The application works on the principle that users select an image they want to modify, upload it, then select a filter they want (most commonly a filter that makes the user older) and get the completely modified image.

Joshua Nozzi, an app developer, posted a tweet about FaceApp on July 15 and warned that the application automatically uploads all photos from the camera roll, regardless of whether the user approved it or not. Nozzi made a public apology on the following day, saying that he had hastily posted the tweet without prior testing the application. However, he claimed that it is strange for an application to require access to all photos when it is not necessary.

That tweet and the fact that the application was made in Russia caused panic across the world and launched an avalanche of online discussions about allegations that Russian troll farm makes the database using the uploaded photos. There is a justified fear that photo might be used for launching fake accounts in future disinformation campaigns or in creating deepfake. The thing went too far when the UNILAD journalist, Emma Rosemurgey, wrote in her article that Joshua was working for the Russians. He denied these allegations and soon after the disputable part was removed from the text on the UNILAD website.

With regard to the topic that has shaken the public recently, Yaroslav Goncharov gave a statement denying the claims that the application uploads all photos from the camera roll, it uploads only the one that was selected. He stated that data is not transferred to Russia – it is kept on US-controlled servers Amazon and Google. Also, he pointed out that, at the request of the users, photos can be removed from the server, as well as that most photos are being deleted from the server within 48 hours from the moment of uploading. He named performance and traffic as the main reasons for storing uploaded photos, since the company wants to be sure that the user does not upload a photo several times for every editing. Goncharov emphasized that the company neither sells nor shares users’ data with third parties. However, can we rely on his word?

Terms of service – are we aware of what we accept?!

Another interesting issue is the terms of service of all popular applications, that users accept without previous reading. A lawyer Elizabeth Pots Weinstein posted a tweet stating that everyone who installs the application and accepts FaceApp terms of service give perpetual, irrevocable, free, worldwide license to use, reproduce, modify, adapt, publish, translate, create derivative works. That was a trigger for new discussion and comparison of the terms of service of applications, such as Facebook, Twitter, Instagram, etc. Lance Ulanoff, Editor-in-Chief of a website Lifewire posted a tweet on terms of service of Twitter, stating: By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, licence to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods. It is obvious that FaceApp terms of service are as disputable as terms of service of other applications we use on a daily basis.

Furthermore, FaceApp is similar to Guess my age, an application made by Microsoft in 2005, which has specific characteristics as its Russian counterpart. The reason for not bringing the issue of security of that application back then might be because it was not made in Russia, which, following the events in previous years automatically became a synonym for danger.