FaceApp: How Does It Profit From Your Data? Is It Dangerous?

New day, new FaceApp controversy. Except this time the AI-based picture editing app might be coming in for some unfair criticism.

The bulk of the concerns are based around the fact that the app is extremely popular, processes personal images and is made by a Russian company. Concerned users – and some commentators – have extrapolated from those three facts that there’s something sinister going on.

There isn’t. Or, at least, the evidence doesn’t suggest there is something shady afoot. Here’s a breakdown.

I feel like I’ve been outraged about FaceApp before?

Like I said, this is round 2 of FaceApp getting the wrong kind of attention. In 2017 the app exploded into our feeds with expertly augmented images of what we all look like as another gender. The app also featured an option to make users more attractive, but it did so by giving black users lighter skin. The founder, Yaroslav Goncharov, blamed this on “training set bias”.

Now what?

FaceApp has exploded back into our feeds via a new FaceApp challenge that was partly fueled by celebrities. The source of the mass privacy concerns that spawned this debate came from a single (now deleted) tweet by developer Joshua Nozzi, who said that FaceApp “immediately” uploaded his pictures without consent. Mass internet panic ensued.

Is FaceApp stealing your pictures and giving them to the Russian Government?

The evidence doesn’t suggest so. FaceApp has said that is doesn’t share data with third parties and that it temporarily (48 hours) stores images in the cloud for performance reasons. Although speaking to Forbes, iOS security researcher Will Strafach, said that FaceApp could process the images on the device to be more secure.

Furthermore, submitted photos are uploaded to servers in the US, as Forbes’ Tom Brewster explains.

“And where are those servers based? Mostly America, not Russia. A cursory look at hosting records confirmed to Forbes that this was true: The servers for FaceApp.io were based in Amazon data centers in the U.S. The company told Forbes that some servers were hosted by Google too, across other countries, including Ireland and Singapore. And, as noted by Alderson, the app also uses third-party code, and so will reach out to their servers, but again these are based in the U.S. and Australia.”

Should I be concerned that the app has been developed by a Russian company?

The evidence doesn’t suggest anything underhanded is happening. There may very well be, but there isn’t anything suggest that’s the case and it’s unfair to assume so.

There is some interesting background to how the app was developed, though. The company behind FaceApp, Wireless Labs, works out of the Skolkovo Foundation, which describes itself as an “innovation ecosystem” – and is colloquially known as Russia’s Silicon Valley. Skolkovo Foundation and Wireless Labs were quick this week to point out that despite receiving accelerator help, it hasn’t received any money from the government founded organisation. Clearly both parties knew that a possible link to a government programme, however tenuous, wouldn’t play out well amidst the increased scrutiny.

Wireless Labs says it doesn’t take money from the Skolkovo Foundation, but it does make money from FaceApp. A search of Russia’s Federal Tax Service website bought up records on Wireless Labs (although you have to play around with the spellings) but no financial information. Audit-it.ru shows that Wireless Labs had a net income in 2017 of 28 million rubles, which is $446,287. There’s no financial information for 2018.

I’ve double checked with Wireless Labs to confirm these numbers and asked for a breakdown of how it makes money (wether it’s from paid subscribers, ads or another source).  I’ll update the story with its reply.

So why the panic?

The concern appears to be that the app is using AI, the public’s pictures and that the developer is Russian. Obviously I can’t say that for sure – people are rightly distrustful of ‘free’ apps, especially after the Cambridge Analytica scandal – but fear of the Russian Bogeyman certainly played its part in the widespread panic.

The situation hasn’t been helped by politicians. In particular: Senator Chuck Schumer who has called on the FBI and FTC to investigate any potential privacy risks. Again, unless Schumer has evidence of wrongdoing that the public isn’t privy too, this seems to be based on the fact that the app has been developed by a Russian company.

Previous Article
Next Article

One Reply to “FaceApp: How Does It Profit From Your Data? Is It Dangerous?”

Leave a Reply

Your email address will not be published. Required fields are marked *