"Watts August will be driven by the beginning of next month, send this message to ten people for a lifetime free subscription, and the application will change color to blue." Similar to the previous letter, there were warnings about the application of FaceApp, an application that changes the face of the user, confirming that it loads all user images and stores them on cloud servers without their permission for facial recognition techniques, ignoring the fact that their images Personal Twitter, Facebook, or even "Watts August".
Allegations
Backspace has re-introduced the interface almost two years after its launch, thanks to a new feature that changes the user's face to make it appear smaller or larger, without forgetting to experiment with some hairstyles using artificial intelligence. The application is free for a while, and effects are limited. However, this did not prevent its spread overnight, turning into social networking, both in terms of applying these effects to images, and in terms of penetrating the application to the privacy of users.
The beginning of the allegations was with users of Apple smartphones who refused to grant the application access to the image album, although the application needed to select the image and pass to the algorithms, according to some, even with the application prevented access to the album could be selected from it, IOS is known for its toughness when it comes to user data access.
Should not photo access need to be enabled for this to be possible? 🤔 pic.twitter.com/wy45zKn63E - Karissa Bell (@karissabe) July 16, 2019 |
That incident opened the door to speculation, some said that the application's access to the album even with the granting of powers means a large proportion that it uploads those images to external servers, without the possibility to reduce this. For this reason, some immediately demanded that the application be deleted to limit this. A partial application that uploads images to servers came from the inability to take advantage of algorithm change profiles in case of disconnecting the Internet.
These claims were easy to ignore, but the use of terms such as computer vision algorithms and artificial intelligence, storage of images on external servers, not to mention that the founder of the application was Russian identity, led to panic and assumptions that have no basis - a big splint - for her.
It should be noted here that the image of the user in his personal page on Twitter or Facebook is never different, in terms of risk, than those that participated with the application of "FaceP", these companies are also able to pass those images of facial recognition algorithms. As they access the user's photo album on the device, they will be able at any time to store anything on external servers without their knowledge. So, all those applications can be put together in the dock.
Argument and logic
Many acknowledged the validity of these assumptions. They did not even go so far as to protect the app on the Android system, only to penetrate privacy based on a list of conclusions that the founder of the application waited to complete in a formal and categorical response one by one.
The success of the Russian founder has never been overnight. The application has been in place since 2017, and he has worked in companies like Microsoft and Yandex from 2003 until almost 2013, to establish his emerging company.
A five year overnight success pic.twitter.com/gvH9t5l3A2 - Jonathan Wegener (@jwegener) July 16, 2019 |
The version of the application on the IOS system and its access to images, even if not granted, is linked to Apple's eleventh version, which provided access only to select one image, meaning that the image selection interface from the album appears for that purpose Only (7). By closing the application will lose access and request permission again. It is true that this is not enough to override the idea of ​​removing all user images, but monitoring the activity of the application and the servers to which it relates can actually break it.
Some security experts said that there is no evidence against the application and confirms that it uploads all images on the servers without the knowledge of anyone. The application sends only the image chosen by the user to an external server, without any other images. Speaking of sending to external servers, this is necessary because the algorithms work on those servers. According to the operators, the images remain on the server for only 48 hours and then disappear. Stressing at the same time that these images and data will not be sold to any third party (5). In contrast, the fifth paragraph of the Convention on the Use of Hazardous Warnings makes use of the alarm bells because it explicitly strips the user of his or her rights. In other words, the ownership of all images will become an application capable of using them as he wishes.
Incidentally, the application does not force its users to register to use it. This means that even if images are used by facial recognition algorithms, they will not be directly related to a user unless the company has another database used for the matching and training process.
Using a network traffic analyzer, I tried to replicate the thing people are talking about with FaceApp allegedly uploading your full camera roll to remote servers, but I did not see the reported activity occurred. |
what if?
The app does not yet provide an option to delete user data, but this is possible by communicating with the company from within the app and manually requesting this. The servers used are not in Russia, but belong to Amazon and Google, meaning that the data is not stored inside Russia and will be subject to US laws that prevent access by any party except by an official order of the court. But what is the validity of these allegations?
Is there a confirmation that the app does not retain user image? On the ground; no, it is very easy to process images on a Google server and then transfer them to a server located in any other country. In this case, application algorithms can be trained on the images of a large group of users to change their features and foresight several years later, and then sell that database to companies specializing in computer vision, for example, making it easier for security agencies to find those wanted even after they have disappeared for years.
Reminder: Serious journalists do not based an article only on a tweet. Did you listen @ 9to5mac? You created an article on a speculation which is incorrect. I will show you 1 / n https://t.co/twIS0fpY7j - Elliot Alderson (@ fs0c131y) July 16, 2019 |
The above is as far as the application can do right now, which is the same thing that Facebook, or Snape Chat, can do, the users' images exist, and their data as well. With each new image uploaded by the user can be passed to the algorithms to become those algorithms later able to predict its shape after several years, so you get a new set of data in addition to the possession.
In all cases, the user is the commodity, and those algorithms that are trained in the "Face of August" will one day be sold to another. If the intention of the Russian founder and his team is 100% pure, then it will not be the intention of others as well. Ordinary phones such as the Nokia 3310 are the perfect solution for maintaining privacy. Otherwise, internet access and some services for it, Simple tracking to display ads, now evolving to reach the user profiles even after 20 or 30 years.