Data Privacy

FaceApp was Designated as a Potential Counterintelligence Threat by the FBI

Every so often, some new product goes viral and millions of people share it with their friends without giving it too much thought. Most of the time this is innocent enough, but sometimes bad actors take advantage of virality to collect people’s personal data, like with the compromise of user data with Facebook and Cambridge Analytica in the 2016 US election. 

In today’s day and age where there are so many different products competing for our attention and so many social networking and other apps that people freely share their personal information on, there are many opportunities for malicious entities to collect and use data for nefarious purposes. 

What is FaceApp?

FaceApp is a mobile application that launched in 2017 that uses artificial intelligence to realistically transform faces to look older, younger, or to change gender.  It was developed by the Russian company Wireless Lab, and became a viral sensation with millions of downloads. 

Why FaceApp Seemed Suspicious From the Start

One thing that made FaceApp different from other apps like Snapchat and Instagram that allow users to apply filters to your face is that it enabled more realistic facial transformations, and this was the main functionality as opposed to the app being a social network. Given that larger apps like Facebook have faced serious privacy issues recently, newcomers that are hungry for sensitive personal data should give users pause. 

Unfortunately, as the popularity of the app shows, many people don’t realize or care about the privacy concerns related to apps like FaceApp. Pictures of people as old versions of themselves or as a different gender started showing up on various social networks and triggering those who saw their friends to wonder how they’d look without worrying too much about the consequences. 

FaceApp was Designated as a Potential Counterintelligence Threat by the FBI

One other notable difference between FaceApp and other apps like Instagram is that it was developed in Russia as opposed to the United States. In a recent response to U.S. Senator Chuck Schumer, FaceApp was designated as a potential counterintelligence threat by the FBI. 

One of the most enlightening parts of the one-page letter from the FBI reads: 

“The FBI considers any mobile application or similar product developed in Russia, such as FaceApp, to be a potential counterintelligence threat, based on the data the product collects, its privacy and terms of use policies, and the legal mechanisms available to the Government of Russia that permit access to data within Russia’s borders.”

While the FBI isn’t stating that they have specific evidence that FaceApp has done anything improper with user data, they make it clear that they consider it to be a potential threat. Given the extent to which Russia has interfered in American politics and elections, it’s not a stretch to image potentially negative outcomes that could result from their government building a database of the faces of American citizens. 

The FBI letter goes on to further describe why this is concerning: 

“Russia’s intelligence services maintain robust cyber exploitation capabilities as evidenced by, for example, Russia’s surveillance system, the System of Operative Search Measures, which allows the Russian Federal Security Service (FSB) to obtain telephonic and online communications via direct connection to interest service providers (ISP). In other words, the FSB can remotely access all communications and servers on Russian networks without making a request to ISPs.”

While these aren’t necessarily new revelations, it paints a pretty stark picture of the Russian government’s surveillance system and data collection methods. It also makes it clear just how simple it would be for the FSB to collect the data from FaceApp to build a database matching the faces of Americans with their identities. 

It’s fair to say that Russia is not the only government that employs this kind of surveillance, China does as well as the U.S. and both companies have massively popular applications that collect massive amounts of personal data that the government can then collect and monitor. Viewing FaceApp as a security risk is reasonable, just as much as TikTok or Facebook. 

The privacy concerns raised by mobile and web applications like social networks or applications like FaceApp have increasingly become the focus of scrutiny by both users and governments, and for good reason. It’s become all too easy for an app developer to create something fun and catchy that influences masses of people to compromise their data without them realizing it. Time will tell whether we will see more regulations in this area or what actions tech companies will take to try to gain more trust. 

There are currently no comments.