FaceApp: changes your face, but are your data safe?
By Maria Sol Porro, Trademarks Lawyer, and University Professor
The new filter that allows users to age their faces has caused FaceApp to be in the number one of downloads, on the one hand, and in the eye of the storm, on the other. The alarm has jumped when it has been discovered that the app does not notify at any time that the photos are processed in the “cloud”. When a photo is uploaded so that the faces appear older, younger or of another sex, the application sends it to a server that processes the file and returns it to us with the desired retouching, giving access to said data to all the signatures of the group Russian ¨Wireless Lab¨, the owner of FaceApp, as well as those unknown companies that become “affiliates.”
FaceApp, available on iOS and Android, explains that it does not rent or sell the information of its users to third parties outside of FaceApp (or the group of companies that FaceApp is a part of) without their consent, but in turn expose that they can share the User information without explicit consent with third-party organizations that help them provide the service. Again, the famous application would not be fully complying with the requirements in force in the General Data Protection Regulation in the case of the EU.
In this context, FaceApp recognizes that they are working to improve the quality of this service, in its latest press release. However, it has not updated its conditions of use since 2017, forcing the user to have to look for them within the website. This means that almost nobody stops to consult what information is going to be shared with the application and what is the use that will be made of it. Faced with this reality, the aforementioned debate makes us wonder: if a service is free on the internet, are we the customer or are we the product that is sold?