Jonathan Tait: FaceApp – fun on the face of it…
Jonathan Tait discusses the concerning details of a popular new app.
The latest craze to hit social media involves an app which can edit an image you upload, to show younger or older versions of yourself. Of course it’s a bit of fun and thousands have taken to using the app and taking up the #faceappchallange, but caution is urged as there is a genuine concern in relation to the rights that are handed over to the app, as well as the issue of data privacy.
FaceApp uploads images onto their cloud-based server in order to edit the pictures. Many question why this couldn’t be undertaken by the local device using the app instead.
The company behind FaceApp use a US-based server, while the company itself is based in Russia. Commercially, this may be advantageous as by using a cloud-based service, it allows the app to work fast, uses less of the device’s battery and also, undoubtedly, will make it harder for FaceApp’s competitors to hijack the technology behind it.
For those interested in data privacy, it may be worth looking more closely at FaceApp’s privacy policy which alludes to the fact that some data may be tracked for the purpose of targeted advertising. Furthermore, the app itself embeds Google Admob, which serves to provide Google advertising to the users. Critics have stated that this has been in such a way that it does not allow users or data subjects genuine control over how their data is being used, and will, therefore, fall foul of GDPR and data protection laws.
The app further reveals its intentions though closer scrutiny of its T&Cs which state that users are giving FaceApp a “perpetual, irrevocable, non-exclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license” to use and reproduce their image. We are painfully aware as data protection and IP lawyers of how little notice many people take of privacy policies and T&Cs, but would users really assign these rights if they knew about them? Given the requirement for transparency under new and updated data protection laws, the question perhaps should be “why don’t they know about them”?
The above concerns have obviously been picked up by some more astute individuals as privacy concerns have been reported to the Information Commissioner’s Office who are looking into the app and the company behind it.
They have stated: “We would advise people signing up to any app to check what will happen to their personal information and not to provide any personal details until they are clear about how they will be used”.
Whatever the outcome of this “look” may be, we would always advise individuals to fully ensure that they are aware of what is happening with their data with any app, website or service that they use.
Jonathan Tait is a solicitor at BTO LLP