FaceApp & the Russians: Warning Signs?

You’ve likely heard of FaceApp, maybe you have even tried it. It is unquestionably one of the most popular Apps circulating today. It quickly went viral due to the “#AgeChallenge,” where celebrities as well as ordinary folks download it to use an old-age filter generating an image of what a user might look like in a decade or more. Launched by a Russian start-up in 2017, FaceApp has come under fire lately because of fears that user data was being sent to Russian servers. There are other potential privacy concerns as well, including some claims that the App has an ability to access a user’s entire photo gallery.

Is FaceApp safe to use? Probably; though I’m not planning on using it personally, as I have zero interest in seeing what I’ll look like in 20 to 30 years. But as I was watching a TV news report on FaceApp, it reminded me of an important Cybersecurity issue that might fall under the category, “Social Media: Be Careful What You Share.”

When you use FaceApp and agree to its user terms, what are you sanctioning? For one, the App is permitted access to your photos, location information, usage history, and browsing history. During a news report, an executive representing FaceApp told CNBC that it only uploads the photo selected for editing. Further, the FaceApp rep said it does not take other images from a user's library, and that most images accessed by FaceApp are deleted from its servers within 48 hours. Still, the user agreement allows the developer access to a user's personal data. And, again, the developers of FaceApp and its Research and Development team are all based in Russia.

The amount and type of personal data we share, especially online, is something to consider. By way of example, the Apple X phone offers facial recognition as an alternative to using a personal identification number or password; does that suggest the Russian FaceApp programmers have developed a way to access a user's entire online account, since they have access to their photos? Remember that passwords are giving way to other log-in options, including biometrics. Consider the pace of technological development, including artificial intelligence when making decisions about where and how you share your personal information.

While Cybersecurity experts don’t appear particularly nervous about the FaceApp itself, the scenario should give us pause and prompt us to consider the potential ramifications of sharing our personal information.

HBK can help you with your Cybersecurity issues, including protecting your data. For assistance, call 330-758-8613 or email WHeaven@hbkcpa.com. As always, we’re happy to answer your questions and discuss your concerns.

Please indicate the industry that your company operates in: *

About the Author(s)
Bill is a Senior Manager in HBK’s IT Department and works out of the firm’s corporate office in Youngstown, Ohio. He specializes in cyber security, IT security, external IT audit, internal IT audit, IT consulting, software Development, IT governance, PCI-DSS, supply chain, system implementations and e-Commerce and has worked for a wide range of industries, including the Public Accounting field. Bill is a certified public accountant, a certified information system auditor, and a certified supply chain professional.
Hill, Barth & King LLC has prepared this material for informational purposes only. Any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding penalties under the Internal Revenue Code or under any state or local tax law or (ii) promoting, marketing or recommending to another party any transaction or matter addressed herein. Please do not hesitate to contact us if you have any questions regarding the matter.