What this basically means is that once you accept the terms and conditions of the app, they can use all the information (including your pictures) that you upload on the platform for whatever they please. This idea has not sat well with a number of people who have taken to Twitter to air their concerns. Some users even pointed out that the app was bypassing permissions on iOS, which is to say that regardless of your option to deny the app access to your photos, it still would access them:
Re: FaceApp, can’t speak to it “uploading” photos but the app is definitely able to access my library even though I have Photos permission set to “never” ? pic.twitter.com/jDMkqu5nML
— Karissa Bell (@karissabe) July 16, 2019
Get ready to see your photos used for campaign ads in next year's election. You probably already gave permission unknowingly.
— Hon-bap (@goodidea_) July 17, 2019
Following this, FaceApp has issued a response to the claims, basically stating that the app only uploads photos that users have selected. The company also explains that they do store photos on their cloud infrastructure but this is because they need to do the processing remotely, however, the company does not that they only store the images for around 48 hours and this is to improve performance of the app in case the user uploads the same image for various edits.
The issue of data privacy became even more intense after it was revealed that the app is run by a Russian company, however, FaceApp did state that their cloud infrastructure is based outside Russia, on Google Cloud and AWS to be specific. Further, FaceApp said that they do not have the ability to match information collected with a particular user since 99% of users use the app without signing up.
Here’s FaceApp’s full statement:
1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.
2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.
3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.
4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.
5. We don’t sell or share any user data with any third parties.
6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.
Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos (for example, https://twitter.com/
joshuanozzi/status/ 1150961777548701696). We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.
Will these privacy concerns stop people from using the app? Probably not. If Facebook’s case is anything to go by, these Privacy concerns are only a matter of concerns to a small group of people who are more tech-savvy, the rest of the community will just keep plastering the internet with photos of their old selves on the internet.