If you are on Facebook, Twitter or any other social media platform, you could not have missed the rapidly growing popularity of FaceApp in the last few days. FaceApp is the latest craze among social media addicts. Although the app is more than two years old, it became a rage only recently. No one seems to know why, but there have been several other apps which suddenly became a hit and then simply vanished in a few days.
However, the FaceApp craze has led to concerns over the privacy and security of user data. This isn’t the first time that concerns have been raised over user data privacy related to an app. Several apps have time and again come under the scanner of regulatory bodies across the world.
For the uninitiated, FaceApp is a mobile application which uses Artificial Intelligence (AI) to generate realistic transformation of faces in photographs. The app uses multiple filters to modify your photograph. The old age filter has particularly become a hit with social media users. The app is available on both Android and iOS. Since the user has to grant the app permission to access all his photographs, many have raised the concern that if the developers choose to do so, they can ask the app to upload all your photos to their servers and pass them to third parties.
Apps asking for the user’s permission to access photos and the contact list isn’t anything new. But FaceApp somehow has been in eye of the storm recently. Although Wireless Lab, the Russian company that has developed FaceApp, has already said that they don’t upload your photo library but only the images that a user puts forward, that too to servers in the US, and these are mostly deleted after 48 hours, concerns over the security of personal data persist.
Usually, users don’t think twice before downloading an app, but they should always double check before downloading any app. Although both Google and iOS claim that all the apps available on Play Store and Apple App Store are safe, no one can guarantee that completely. However, both Google and Apple have in the past removed several apps after detecting malware that raised questions on user data security.
“Photo-editing applications like FaceApp use neural networks. Mostly, they use AI to make the facial transformations. FaceApp can use photos from your library or alternative sources. Users can also click a photo within the app. If you have too many photos in your gallery, the app will scan your photo library and pull out only the photos that feature faces or are perfect for transformation. You can then save the edited image and post it on social media like Facebook, WhatsApp, Twitter and Instagram,” says Binod Kumar Jena, who works with the cyber security department of a multinational tech giant.
Concerns over misuse of uploaded content
These photo-editing applications aren’t too different from the other social media apps we use. For example, Facebook, Twitter and Instagram have rights over the content a user puts up. “Basically, we need to understand that anything we put up online no longer belongs to us. The terms and conditions of these apps are vague and lengthy. They exploit the consumers’ common disregard for extensive fine print, using our apathy to reserve more options and “rights” for their business in the future. Many of these points may not be relevant to their business now but can be used another time,” Binod adds.
Of course, all apps are not unsafe, nor do they always misuse your personal data. However, many apps have come under the scanner of regulatory bodies especially after Facebook was accused in early 2018 of data misuse that affected the personal information of more than 80 million users.
Since then, the possibility of a regulatory clampdown on how tech companies handle user data has been looming large. That said, users need not panic as most apps available on App Store and Play Store have passed security tests.
However, what most users fail to read are the terms and conditions (T&C). Cuttack-based Biswajeet Basantray, who works as an app developer at a multinational tech company, says, “If you check the official websites of photo-editing applications, you will see that by uploading a photo or video, you have actually given them the right to do virtually anything they want. The T&C of such apps also make it clear that targeted advertising is one of their goals. It embeds Google Admob, which serves Google ads to users, so you can expect new ads to pop up on Google base on the data received by such apps. However, the kind of advertisements is not disclosed.”
Although most apps claim to not misuse a user’s personal data, concerns remain. “If you are really concerned about this, there is an option in most of these applications like FaceApp which denies the app access to your photos and grants permission to use your camera only,” says Binod.
Earlier this year, Google removed 112 malicious apps from Play Store. Of these, many were gaming apps, which attract youngsters the most.
Prabhudutta Das, who works in the mobile networking department of an IT company, says, “Today we can access almost anything on our mobile phone, be it entertainment, food, sports or financial services. Mobile Internet affords anonymity to a certain extent but the risk of your personal information getting misused exists.”
“There are many sites, especially fake dating apps, which ask for personal information. Cyber criminals lie about who they are and convince people to share account numbers, passwords, and other information. Once they get access to your personal information online, they make purchases in your name. So, it’s not only in simple photo-editing and other fun apps, cybercrime can happen anywhere,” says Prabhudutta.
Bhubaneswar-based cybercrime expert and consultant Chirag Rath says, “Mobile apps always ask your permission to access your photo gallery and contacts when you start using them. Although these applications claim that your data is not shared with any third party and is secure, not all apps are authentic. Cyber criminals can easily steal your personal details through these fake apps especially if you are saving details of your personal accounts or a copy of your identity proof in your mobile.”
In recent times, several video apps for creating and sharing short lip-sync, comedy, and talent videos too have come up. While they boast a huge user base, concerns over user data misuse are expressed in relation to them too. Bhubaneswar-based Subarna Rout, an independent app developer, says, “I personally like TikTok, a video creating and short lip-syncing and sharing video app. However, I don’t like the duet option in the app. Since we allow permission to the app to access our information, other users also can use our video and add different voices. I have often come across vulgar lip-synced duet songs in regional languages which are very embarrassing to watch as the videos have no privacy on the TikTok cloud.”
App Education
- Make sure an app is from a trusted source before downloading. Third-party apps don’t have to pass rigid security checks, unlike the apps found in Play Store and App Store. Third-party apps could be malicious and can infect your phone with malware.
- Malicious apps can be found in Play Store and App Store also, but very rarely and they are quickly removed. Third-party app stores rarely do proper screening, making it easier for scammers to spread malware there.
- Verifying the name of the app developer is important. Duplicate apps will have a different developer. Before downloading an app, do a Google search to find the original developer.
- Popular apps will always have reviews by genuine users in both Play Store and App Store. You may also at times find reviews by prominent experts online. These help in differentiating them from malicious or faulty apps.
- Certain apps constantly send you notifications that pop up on your lock screen. A few of these can give away your personal information to anyone within view of your phone. All phones have the option of turning off notifications for any app.
- Don’t forget to update the OS and applications of the mobile at regular intervals.
- Avoid using your passwords for any secured sites. Instead use the virtual keyboard of the mobile to type passwords.
SOYONG, OP