Here we go again…
An application that allows you to upload a picture of a face
and see it aged is getting public attention for being a security risk. The FaceApp
Facebook application is being presented as being extremely dangerous to your personal
security. What’s ironic is that a lot of the focus is on the rumor that the
application is from a Russian company, and that is why you should be concerned.
It is as if the capitalistic exploitation that can occur from American or any
other company around the world is less concerning than what the Russians could
The reality is that this application should be concerning,
but so should every other application you install. While the Russians might
exploit your data and information, so might any other company in any other
country of the world. In fact, in most cases, the companies don’t have to do
anything illegally, because most people give their permission to the companies to
use their data. Yes, if you installed that application on your phone or
computer and clicked “okay” (or something similar), then you often give
permission and rights for your data to be used. Once you’ve given that permission,
you’ve opened yourself up.
The irony of the FaceApp program is that one of the biggest
concerns raised is that of giving away your image. With facial recognition
becoming more engrained in security, the issue has been raised that you’ve
given the image of your face to the Russians to use going forward.
Should you be concerned?
Absolutely; however, if you are using Facebook, then your
concern shouldn’t be with this one Russian company, but with all companies. The
reality is, if you’ve posted a public picture of yourself, if you’ve tagged a
picture of yourself, if you’ve used your face as the image on your icon for any
social media site (Facebook, LinkedIn, Instagram, etc.), then you’ve already
given away this key information.
Giving Apps Permission
The reality is, most applications ask for permission to access
your photos, phone, contact lists, or other information. If you say ‘yes’ to
any of these requests when installing an application, then you’ve given up that
information for a company to use. Once you’ve done this once, you have lost
most – if not all – of your control of that data. When the original Pokemon Go App
was released, it asked for nearly every piece of information on your phone. It
wasn’t until after millions of people installed the application that the general
public started asking why all the permissions were needed. While Pokemon Go
eventually reduced the request for access, for millions, the damage was already
done – the permissions had been given.
While it is your right to give others your personal
information, it is not your right to give away other people’s. As such, when
you post pictures of others and then tag them, you are giving away that person’s
identity as well. Because digital pictures can include location and other
information, you might be giving away much more information as well.
If you search the Web for me, you’ll find a ton of
information. Due to the jobs I’ve had, there was no way to avoid a digital
footprint. If you search for my kids, you’ll find much, much less. In fact, if
you find a tagged picture of any of my kids, let me know. With rare exceptions,
they shouldn’t exist. Why? For their security.
The FaceApp Scare
The FaceApp scare is real. The Russian piece is silly, but
the permissions piece isn’t. With any app, if you give access to anything on
your system, then you should expect that it can be exploited. If you don’t want
to give a company permission to use your pictures any way they care to use
them, then don’t install an app that asks for permission to your folders,
files, or pictures. If this is a concern, you are likely to find very few apps
you can install.
One Step Further with Websites
If the FaceApp security issue concerns you, then you should
also be aware of what websites you use. If you go to a website and use it, then
you are agreeing to the permission statement on that website. It is highly
unlikely you’ve read the permission statements on a website. If you had, you
likely wouldn’t go to many websites anymore. I’ve written on this in the past.
For example, the site Angie’s List has (or at least had at one time), a clause in
its site usage permissions page that if you posted a negative review, they could
fine you. Yes, by using the site, you basically agreed that you would pay a
fine if you posted a negative review. Would Angie’s List ever implement this
fine? Likely not, but then a Russian site is not likely to do anything with your
In conclusion, you should be concerned about he FaceApp;
however, you should also be equally concerned with every other app or site you
use. Facebook and Google are rumored to be two of the biggest companies that
exploit the data you provide. As such, if you are going to be concerned with
your security and data, you might want to start by considering what you’ve
allowed them to do before you start getting too concerned with a Russian company
and your pictures.