The Fun App Trap
“a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content [defined to include photographs, text, and “other materials”] and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.”
In addition to privacy issues, national security concerns have also been raised in connection with use of the FaceApp, including by one high-profile senator and the Democratic National Committee, which recently warned presidential campaigns against using the app. The concerns have principally centered on the fact that FaceApp itself is based in Russia, a country which the US Intelligence Community considers a significant espionage threat. Russia’s government, even before 2016 legislation that formalized it, has had the inherent ability to strong-arm Russian companies into sharing their data, regardless of where it is stored or how long it is retained.
In the hands of Russian intelligence and security services, such as the Foreign Intelligence Service (SVR) or the Federal Security Service (FSB), this personal, biometric data of US citizens could be leveraged for nefarious purposes, unbeknownst to FaceApp users. In addition to deploying facial recognition to police the World Cup last year, Russia is currently in the process of outfitting Moscow with even more artificial intelligence-driven facial recognition systems, primarily sourced from China. FaceApp data could enable targeted surveillance to be conducted on Americans traveling or living in Russia.
A repository of facial photos, such as those uploaded to FaceApp, also could potentially be used to fraudulently access Americans’ smartphones. By gaming the facial identification systems that have replaced passcodes and fingerprint identification systems in recent years, malign actors could access a wide range of financial, medical, and other personal data that now resides on smartphones. Lastly, facial photos taken on a modern-day mobile phone typically have geolocation data embedded within them, which could raise both national security and privacy concerns.