The Real Reason Why FaceApp Wants Your Data

In Brazil, Facebook was the social media frenzy. Now, it is FaceApp. Since July, the free application surpassed 1 million downloads. 

The Russian company, Wireless Lab, created the app for editing and applying image filters. With the editing feature, it is possible to change hair color, apply makeup, add and alter a beard or mustache, among others. The app’s artificial intelligence system promises to find the best style for you.

Like Facebook, FaceApp also raises some privacy concerns. What data are they collecting from you? In addition to the data collection, what are they doing with it?

The Privacy Policy of FaceApp

FaceApp has a privacy policy, but there is a problem. They provide little information about what data is collected and the use of it. The company adopts data analytics services to “measure service consumption trends,” which can lead to partner marketing campaigns.

The policy states that “these tools collect information sent by your device or our service, including the pages you access, add-ons and other information that help us improve the service.”

So, tracking mechanisms (e.g. cookies and pixels) are used to send data about the navigation to the company and its partners.

The policy also states the volume of information is gathered without identifying the person. “We collect and use this analytical information so that it cannot reasonably be used to identify any particular user.” However, the company inserts mechanisms to identify your device type (e.g. smartphone, tablet, or computer).

The privacy policy says that your information is not sold or marketed. Although, the collected information may be shared with companies affiliated with FaceApp to improve their services.

In short, you give your information to FaceApp, who may share it with other companies.

The Risks

The director of Coding Rights, Joana Varon, evaluates that the use of the app brings a series of risks. One risk includes the violation of Brazilian legislation because it may be governed by the laws of other countries.

She says this results in a serious problem because facial recognition technologies have the potential to be used in abusive ways.

Our chief data officer, Eduardo Morelli, agrees:

“Privacy has already been considered the right not to disturb people. Today, the concept goes beyond the protection of personal data, viewed as an extension of personality, therefore an inalienable right of every individual.” 

Data Trading

What happens to users’ data if they stop using the FaceApp service? Unfortunately, the privacy policy does not address that issue. What if FaceApp is hacked or sold? The privacy policy fails again to address those scenarios. 

Users can protect themselves by avoiding to login through Facebook. All users should check the permissions that you are granting to FaceApp. 

Furthermore, the General Data Protection Act (GDPR) would also conflict with the application. It will establish some principles that should further explain personal data collection and their possible uses.