Estimated reading time: 1 minute, 54 seconds

FaceApp Viral Scare Adds Wrinkles to Cybersecurity Debate

Sunday, Aug 04 2019
Cybersecurity
Written by  Security Tech Brief Staff
FaceApp Viral Scare Adds Wrinkles to Cybersecurity Debate

Cybersecurity concerns went viral last month as celebrities like Drake and the Jonas Brothers helped popularize FaceApp, a photo filter app for smartphones.

Prominent Democrats and Republicans and many cybersecurity experts warned that FaceApp, which alters images to make a person look older or younger, could pose unexpected risks. But, some experts weighed in that the panic itself appeared overblown, cautioning that Instagram and other social apps may also have more access to personal data than users realize.

“People should know that giving a photo of their face to a random app is a very bad idea and has a lot of privacy issues,” French security research Baptiste Robert told NBC News. “They have no idea how their photo can be used.”

As PC Magazine reports, software developer Joshua Nozzi tweeted on July 15 that FaceApp “immediately uploads your photos without asking, whether you chose one or not.” The New York Post followed with the headline, “Russians now own all your old photos.”

Within days, Sen. Chuck Schumer (D-NY) was calling for a federal investigation into the Russia-based company that makes FaceApp, known as Wireless Labs. Nikki Haley, a former Republican governor of South Carolina and ex-ambassador to the United Nations, tweeted that FaceApp users were “giving them access to all of your contacts and info.”

But Robert and other security researchers pointed out that FaceApp only uploads the photo being edited, similar to other photo-editing software. “Most images are deleted from our servers within 48 hours from the upload date,” FaceApp told TechCrunch in a statement, claiming that no user data is “transferred to Russia.” And Nozzi deleted his original tweet, adding, “I was wrong.”

Still, FaceApp didn’t notify users in advance that even a single photo would be uploaded to its servers, as Guardian Firewall CEO Will Strafach observed on Twitter. Moreover, CNET notes that FaceApp’s terms of services are broad—and Russia aside, not so different from the blanket language consumers agree to when using Facebook, Instagram and Snapchat.

Liz O’Sullivan, a technologist at the Surveillance Technology Oversight Project, told NPR, “My impression of it honestly was shock that so many people were, in this climate, so willing to upload their picture to a seemingly unknown server without really understanding what that data would go to feed.”

Read 2223 times
Rate this item
(0 votes)
More in this category: « Data Breach Hits Millions of LabCorp, Quest Diagnostics Patients Capital One Suspect May Have Breached 30 Other Organizations »

Visit other PMG Sites:
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline