FaceApp is a privacy nightmare, but Nepalis seem to be least bothered about itUnless regulatory bodies like Apple and Google prioritise digital data privacy, a secure ecosystem for private data on the internet is a distant dream.
Pranav Kafle and his best friend have always felt like old-souls, so when technology provided them with an opportunity to gaze into their future selves, they signed up without hesitation. Following the many people who had already posted pictures of their older selves, Pranav posted one as well, in good humour, with his best friend. The app behind this viral social media trend, the Russian-made FaceApp, presented users with an ‘ageing’ effect that used artificial intelligence and machine-learning to render life-like impressions of people decades into their future.
Days after the trend went viral, however, panic over the app’s lax approach to privacy threw internet users into a frenzy. Much of this distrust was based around a section in the app’s terms of service. This section gave the app a “perpetual, irrevocable, nonexclusive, royalty-free (and) worldwide” license to the data uploaded to their servers which, as experiments show, is quite a lot. While the app developers have defended themselves by assuring users that they delete “most” photos after 48 hours, this privacy scare has fueled questions around digital data privacy.
Even in Nepal, many internet users partook in the trend, posting pictures of themselves with wrinkled skin and greying hair.
“I saw pictures of my friends with the filter on but didn’t think much of it,” says 18-year-old Rohan Manandhar, who is a primary level teacher at Ideal Model School. “But after I saw many others post similar photos, I started using the app to make funny faces of myself and my close circle of friends.”
Currently, FaceApp is the number one trending app on both Google Play Store and the App Store with more than a hundred million downloads on Google Play alone. While surges in downloads might have been influenced by the recent social media trend, the app itself was developed back in 2017. The feature to age oneself has been a part of the app since then but it has become significantly better now, thanks to advancements of their artificial intelligence system. Apart from the ageing effect, the app also offers options like adding a creepy smile to photos or cosmetic retouching through their controversial ‘hot’ filter.
The features of the app may look playful and innocent, but many of the app’s users are questioning its tendency to process images online. Once data has been uploaded to a server, users have no control of how their data is going to be used, raising suspicions on its usage for more nefarious purposes, like identity-theft or big data analytics. FaceApp is not the first app to work with online servers, however. Snapchat also works with online servers, although its data privacy has been severely questioned and regulated—albeit the company assures its users that data on their servers are regularly deleted.
Owing to many instances of data breach and data siphoning from big name businesses like Facebook and Google, FaceApp feels like another addition to a number of services mining user data for profiteering. But for many Nepali internet users, privacy seems to be less of a concern.
“At least they’re telling you how they’re going to use your data,” says 24 years old Kafle, CEO of an online laundry service, Safa Luga. “Social media services have so much information on you, but do we know what they’re doing with it? There is a bit of transparency with many big-name tech companies, but do we trust them? Do we even care what they do with our data? Most don’t.”
Social media trends also push people to disregard privacy concerns and use unsafe applications to indulge in online participatory culture. Suman Nepali, another FaceApp user, says he was aware of the privacy concerns around the app but he still chose to use it. “Android even prompted me with messages asking if I would give FaceApp permission to access my photos, and I clicked allow because I wanted to use the app,” he says. “It doesn’t bother me that they have my photo and that they can use it for other purposes, as long as it is not used nefariously.”
Even though users seem to be apathetic towards their data privacy, security professionals point out that once access to personal data is given, the probability of information theft, identity theft and digital stalking also opens up. The fact that FaceApp was developed by a Russian developer also works against it in this regard. Chinese-made photo editing app Meitu also raised privacy concerns back in 2017 for accessing and sharing important identifying data with Chinese servers.
All of this data is important for businesses, governments and private firms as research material, but in many cases, this information can also be used for various crimes. “With just your username, hackers can access all of your information online,” says Nirmal Dahal, head of security at Cryptogen Nepal, a local cybersecurity firm. “Using various tools like OSINT Frameworks, it is possible to access very sensitive personal data that can be used for criminal activities like identity theft. With the proper tools, hackers can even track your location through your mobile devices or even through ATM machine usage. With our lives moving more towards digital spaces, personal data on the internet becomes more important than ever and users need to understand the gravity of keeping data private on the internet,” he says.FaceApp is not the first and is probably not going to be the last app that tries to mine your personal data, and even though many users are happy skipping reading the terms and conditions and signing away their digital privacy, there are many who are concerned about their privacy. Conversations around data privacy in FaceApp sparked swiftly, as soon as the app started going viral, but regardless of all the privacy concerns around FaceApp, it is currently editor’s choice on Google Play. And unless regulatory bodies like Apple and Google, as well as users, prioritise digital data privacy, a secure ecosystem for private data on the internet feels like a distant dream.
What do you think?
Dear reader, we’d like to hear from you. We regularly publish letters to the editor on contemporary issues or direct responses to something the Post has recently published. Please send your letters to firstname.lastname@example.org with "Letter to the Editor" in the subject line. Please include your name, location, and a contact address so one of our editors can reach out to you.