It's been hard to get rid of FaceApp over the past few days, whether it's your friends posting strange selfies using the app's aging and other filters or the short furore over the obvious (but not actual) circumvention of permissions on iPhones. Now the Senate is entering the fun: Later Chuck Schumer (D-NY) has asked the FBI and the FTC to look at App's data management practices.
"I am writing today to express my concerns about FaceApp," he writes in a letter sent to FBI director Christopher Wray and FTC chairman Joseph Simons. I have outlined their main concerns below:
It is unclear how long FaceApp retains a user's data or how a user can ensure that their data is deleted after use. These forms of "dark patterns", which manifest themselves in opaque information and broader user rights, may be misleading to consumers and may even constitute a fraudulent commercial practice. Thus, I have serious concerns about both the protection of the data being aggregated and whether the users are aware of who gets access to it.
FaceApp's place in Russia primarily asks questions about how and when the company provides access to information from US citizens to third parties, including any foreign governments.
For the cave residents among you (and among those I would normally proudly count on me) FaceApp is a selfie app that uses AI-esque techniques to apply different changes to faces, so that they get older or younger, add accessories and, unknowingly, change race. It didn't go so well.
There has been an increase in popularity over the past week, but it was also noted that the app seemed to be able to access your photos if you said it could or not. It turns out that this is actually a normal ability of IOS, but it was here in a fairly loose way and not as intended. And it was probably a mistake on Apple's side to let this method of choosing a single photo go against "never" the preference for photo access that a user had set.
Fortunately, the Senator's law is not worried about this or even the unfounded (we controlled) is about FaceApp secretly sending your data in the background. It is not. But it sends a lot of data to Russia when you tell that it gives you an old face, or a hipster face or whatever. Because the computers that make the actual image manipulation are there ̵
His concern about the lack of transparency is that user data is sent out to servers who know where, to be preserved for who knows how long, and sold to who knows who. Fortunately, the binding FaceApp managed to answer most of these questions before the Senator's letter was ever posted.
The answers to his questions, if we choose to believe in them, the user information is not actually sent to Russia, the company does not track users and does not usually sell data to third parties and remove "most" photos within 48 hours.
Although "dark patterns" as the senator speaks really are a problem, and although it would have been much better if FaceApp had said ahead of what it does with your data, this is hardly an attempt by a Russian opponent to build up a database of US citizens.
Although it is good to see Congress engage with digital privacy, the FBI and the FTC ask to look at a single app that seems unproductive when that app does not do so much to a hundred others, American and otherwise have done for years. Cloud-based processing and storage of user data is common – but is usually described a little better.
Indeed, as Schumer suggests, the FTC should ensure that "there are sufficient safeguards to protect the integrity of the Americans … and if not, that the public should become aware of the risks associated with the use of this application or others similar to it. . "But it seems to be the wrong nail to hang on. We always see the look of contact lists, fraudulent removal ceilings, sharing of poorly anonymized third-party tasks and other bad practices in apps and services all the time – if the federal government wants to intervene, let's get it. But let's have a law or a regulation, not a strongly formulated letter written after that fact.
Schumer Faceapp Letter by TechCrunch on Scribd