Here we go again…
An application that allows you to upload a picture of a face and see it aged is getting public attention for being a security risk. The FaceApp Facebook application is being presented as being extremely dangerous to your personal security. What’s ironic is that a lot of the focus is on the rumor that the application is from a Russian company, and that is why you should be concerned. It is as if the capitalistic exploitation that can occur from American or any other company around the world is less concerning than what the Russians could do.
The reality is that this application should be concerning, but so should every other application you install. While the Russians might exploit your data and information, so might any other company in any other country of the world. In fact, in most cases, the companies don’t have to do anything illegally, because most people give their permission to the companies to use their data. Yes, if you installed that application on your phone or computer and clicked “okay” (or something similar), then you often give permission and rights for your data to be used. Once you’ve given that permission, you’ve opened yourself up.
The irony of the FaceApp program is that one of the biggest concerns raised is that of giving away your image. With facial recognition becoming more engrained in security, the issue has been raised that you’ve given the image of your face to the Russians to use going forward.
Should you be concerned?
Absolutely; however, if you are using Facebook, then your concern shouldn’t be with this one Russian company, but with all companies. The reality is, if you’ve posted a public picture of yourself, if you’ve tagged a picture of yourself, if you’ve used your face as the image on your icon for any social media site (Facebook, LinkedIn, Instagram, etc.), then you’ve already given away this key information.
Giving Apps Permission
The reality is, most applications ask for permission to access your photos, phone, contact lists, or other information. If you say ‘yes’ to any of these requests when installing an application, then you’ve given up that information for a company to use. Once you’ve done this once, you have lost most – if not all – of your control of that data. When the original Pokemon Go App was released, it asked for nearly every piece of information on your phone. It wasn’t until after millions of people installed the application that the general public started asking why all the permissions were needed. While Pokemon Go eventually reduced the request for access, for millions, the damage was already done – the permissions had been given.
While it is your right to give others your personal information, it is not your right to give away other people’s. As such, when you post pictures of others and then tag them, you are giving away that person’s identity as well. Because digital pictures can include location and other information, you might be giving away much more information as well.
If you search the Web for me, you’ll find a ton of information. Due to the jobs I’ve had, there was no way to avoid a digital footprint. If you search for my kids, you’ll find much, much less. In fact, if you find a tagged picture of any of my kids, let me know. With rare exceptions, they shouldn’t exist. Why? For their security.
The FaceApp Scare
The FaceApp scare is real. The Russian piece is silly, but the permissions piece isn’t. With any app, if you give access to anything on your system, then you should expect that it can be exploited. If you don’t want to give a company permission to use your pictures any way they care to use them, then don’t install an app that asks for permission to your folders, files, or pictures. If this is a concern, you are likely to find very few apps you can install.
One Step Further with Websites
If the FaceApp security issue concerns you, then you should also be aware of what websites you use. If you go to a website and use it, then you are agreeing to the permission statement on that website. It is highly unlikely you’ve read the permission statements on a website. If you had, you likely wouldn’t go to many websites anymore. I’ve written on this in the past. For example, the site Angie’s List has (or at least had at one time), a clause in its site usage permissions page that if you posted a negative review, they could fine you. Yes, by using the site, you basically agreed that you would pay a fine if you posted a negative review. Would Angie’s List ever implement this fine? Likely not, but then a Russian site is not likely to do anything with your photos either.
In conclusion, you should be concerned about he FaceApp; however, you should also be equally concerned with every other app or site you use. Facebook and Google are rumored to be two of the biggest companies that exploit the data you provide. As such, if you are going to be concerned with your security and data, you might want to start by considering what you’ve allowed them to do before you start getting too concerned with a Russian company and your pictures.