Don't use FaceApp if you want to keep the rights to your photos

Posted:
in General Discussion
FaceApp has added new age-based filters to their app, bringing it back into the public eye and back on to users' phones. However, if you want to keep your photos as your own, you probably shouldn't use the app.

FaceApp


FaceApp has gone viral again, thanks to a couple of new filters. The AI photo editor has been popular for ethnic swap filters and gender swap filters in the past, and has recently added in filters that edit a person's image to make them appear younger or older than they are.

Along with the resurgence of popularity, it's worth taking a look at the way FaceApp handles a user's created content and user's right to privacy. After all, hundreds of thousands of FaceApp images have been created, it may be time to look at what FaceApp is allowed to do with them.

According to the Terms of Service laid out by FaceApp, users own all their own content -- except they don't really. Much like other content creation apps, FaceApp has included a section in their terms of service that states that the company has carte blanche over anything a user creates with the service.

FaceApp's terms of service as of July 17, 2019
FaceApp's terms of service as of July 17, 2019


The terms of service start out by stating, "Except for the license you grant below, you retain all rights in and to your User Content, as between you and FaceApp. Further, FaceApp does not claim ownership of any User Content that you post on or through the Services."

The statement seems innocuous enough, and it sounds as though anyone who uses FaceApp retains full rights to their content. However, the "license you grant below" section immediately dispels that notion.

The section goes on to state, "You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you. By using the Services, you agree that the User Content may be used for commercial purposes. You further acknowledge that FaceApp's use of the User Content for commercial purposes will not result in any injury to you or to any person you authorized to act on its behalf."

Essentially, if you make something in FaceApp, FaceApp can do whatever it wants with what you've made. Not only can it repost your images without your permission, it can monetize the images, either directly or indirectly, without compensating you or notifying you that it has done so in any way.

This means that while FaceApp acknowledges they do not own the content that they are creating, they are legally, perpetually, and irrevocably allowed to do whatever they want with said content. Not only can they use the content in whatever way they want, they also state that you waive all rights if their use somehow causes damages to you.

In addition to being able to use your images without your knowledge, FaceApp's terms go on to state that they have no obligation to keep anything a user creates private. "You grant FaceApp consent to use the User Content, regardless of whether it includes an individual's name, likeness, voice or persona, sufficient to indicate the individual's identity."

This raises some concerning questions over the ability to freely show the content created by minors who make up a not-insignificant amount of FaceApp's users. Minors, due to their age and inexperience, would not be able to consent to having their images used by FaceApp. Similarly, Amazon had recently faced lawsuits due to mishandling of minors' data.

And lastly, FaceApp has included a small sentence that states they are allowed to store your content regardless of whether or not you delete it from their service. They state that it is in order to "comply with certain legal obligations," though they do not go on to define what the obligations are. Again, this is increasingly concerning as data breaches are becoming increasingly common.
dysamoria
«1

Comments

  • Reply 1 of 26
    davgregdavgreg Posts: 422member
    Not sure about now, but didn’t Facebook claim all photos you posted for themselves?

    Between the data mining, tracking and grabbing of personal IP, greed is killing the internet.
    rotateleftbytejahbladeflyingdplostkiwiAppleExposeddysamoriaracerhomie3tyler82Carnage
  • Reply 2 of 26
    davgreg said:
    Between the data mining, tracking and grabbing of personal IP, greed is killing the internet.
    Agreed, I've already dropped all my "social" accounts, Facebook and such. I've told youtube not to keep my history (probably a useless gesture). I keep a rotating set of emails that I can give out and periodically delete without concern when the crap gets beyond a certain point.
    This is one of the main reasons I use Apple products. They are not pristine, but also not even in the same neighborhood as Facebook, Amazon...

    There needs to be limits to what can be waived/reassigned via a clickable EULA.
    cornchiplostkiwiracerhomie3SnickersMagoowatto_cobra
  • Reply 3 of 26
    krreagan2 said:
    There needs to be limits to what can be waived/reassigned via a clickable EULA.
    There are.  Except you have to be a lawyer and/or be willing to sue to get a court to clarify what those limits are.
    mld53acornchipdysamoriaFileMakerFellerhabi000watto_cobraCarnage
  • Reply 4 of 26
    And ... why hasn't Apple pulled the app? They pull apps for all kinds of silly reasons. Downloading all your photos without permission should be enough to get them off the App Store until they do their 'splaning.
    AppleExposed
  • Reply 5 of 26
    And ... why hasn't Apple pulled the app? They pull apps for all kinds of silly reasons. Downloading all your photos without permission should be enough to get them off the App Store until they do their 'splaning.
    It doesn’t appear to me that the article says the app is downloading all of your photos. Faceapp is saying they retain the right to use the images that are created within the app. And I imagine people are agreeing to the terms of service before using the app so, in effect, they HAVE given Faceapp permission to use those images.
    racerhomie3watto_cobra
  • Reply 6 of 26
    uraharaurahara Posts: 263member
    And ... why hasn't Apple pulled the app? They pull apps for all kinds of silly reasons. Downloading all your photos without permission should be enough to get them off the App Store until they do their 'splaning.
    And what reason that would be in this case?
    watto_cobra
  • Reply 7 of 26
    macplusplusmacplusplus Posts: 1,888member
    urahara said:
    And ... why hasn't Apple pulled the app? They pull apps for all kinds of silly reasons. Downloading all your photos without permission should be enough to get them off the App Store until they do their 'splaning.
    And what reason that would be in this case?
    “Apps cannot claim rights on user created content.” Isn’t that enough?
    FileMakerFeller
  • Reply 8 of 26
    crowleycrowley Posts: 5,989member
    urahara said:
    And ... why hasn't Apple pulled the app? They pull apps for all kinds of silly reasons. Downloading all your photos without permission should be enough to get them off the App Store until they do their 'splaning.
    And what reason that would be in this case?
    “Apps cannot claim rights on user created content.” Isn’t that enough?
    Since the app modifies any user content with filters, and those filters are the reason the app is popular, it probably isn't unreasonable to say that the content is not user-created (or at least not wholly), but created by the app.

    I imagine that's the argument anyway, I'd never use this trashy nonsense.
    SnickersMagoo
  • Reply 9 of 26
    Geets RomoGeets Romo Posts: 2unconfirmed, member
    After reading this I'm now left curious as to how many individuals will still download and use. 
    watto_cobra
  • Reply 10 of 26
    WARNING: Lawyer-generated post ahead!
    WARNING WARNING: This lawyer works extensively in IP licensing, so save yourself 30 seconds and just shut your eyes, now.
    WARNING WARNING WARNING: Never ever ever take legal advice from someone on the interweb.

    Yes, that's a very broad grant, in itself. But almost every line of that terrible document and connected Privacy Policy is full of things a lawyer would advise a client against agreeing to, and when attacking it a lawyer might skip the details and posit that it's against public policy (that might be the strongest argument, frankly). Especially regarding minors - the policy says that 13+ means that you are saying (by clicking) that you are 13+ and if under 18 a parent or legal guardian is approving when the minor clicks. I mean... that's just asinine to anyone who lives in an objective reality.

    So the author isn't wrong that this awful doc says that the end user grants this license to faceapp and everyone faceapp has ever said "hello" to (check out the unholy definition of "affiliate" in the privacy doc!). But just because the end user says faceapp "can" doesn't mean there aren't other regulatory or policy reasons stopping faceapp, facebook, facesmash, or smashmouth.  Focusing on the grant of license isn't wrong, but really the entire doc needs a "plain english" laugh track (or drinking game: do a shot every time you feel violated).

    Oh, and notice that the user doesn't own the user generated filters; faceapp owns those: You own your original content, but not your "older" self.
    space2001ronnarthurbawatto_cobra
  • Reply 11 of 26
    Nicole Perlroth, NY Times CyberSecurity reporter:

    "Good job submitting millions of faces to a St. Petersburg, Russia based app with a horrific privacy policy that will likely pass this on to state, facial recognition databases, everyone in my Twitter feed. 


    You 👏🏻 have 👏🏻 learned 👏🏻 nothing."

    ronnwatto_cobraCarnage
  • Reply 12 of 26
    gatorguygatorguy Posts: 20,904member
    From the Faceapp developer in response to a question sent to them:

    We are receiving a lot of inquiries regarding our privacy policy and therefore, would like to provide a few points that explain the basics:

    1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.

    2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.

    3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.

    4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.

    5. We don’t sell or share any user data with any third parties.

    6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.

    Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos (for example, https://twitter.com/joshuanozzi/status/1150961777548701696).  We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.


    racerhomie3FileMakerFellerarthurbamuthuk_vanalingamCarnage
  • Reply 13 of 26
    AppleExposedAppleExposed Posts: 1,381unconfirmed, member
    krreagan2 said:
    davgreg said:
    Between the data mining, tracking and grabbing of personal IP, greed is killing the internet.
    Agreed, I've already dropped all my "social" accounts, Facebook and such. I've told youtube not to keep my history (probably a useless gesture). I keep a rotating set of emails that I can give out and periodically delete without concern when the crap gets beyond a certain point.
    This is one of the main reasons I use Apple products. They are not pristine, but also not even in the same neighborhood as Facebook, Amazon...

    There needs to be limits to what can be waived/reassigned via a clickable EULA.

    Telling Google not to store something basically means "we won't show it to you."
    dysamoriaracerhomie3watto_cobra
  • Reply 14 of 26
     bkla bkla Posts: 1unconfirmed, member
    just want to say this: It was made by the Russians.  
    watto_cobra
  • Reply 15 of 26
    Rayz2016Rayz2016 Posts: 4,726member
    gatorguy said:
    From the Faceapp developer in response to a question sent to them:

    We are receiving a lot of inquiries regarding our privacy policy and therefore, would like to provide a few points that explain the basics:

    1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.

    2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.

    3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.

    4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.

    5. We don’t sell or share any user data with any third parties.

    6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.

    Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos (for example, https://twitter.com/joshuanozzi/status/1150961777548701696).  We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.



    Did you actually read the article?

    This has nothing to do with them uploading pictures; it's do with FaceApp claiming ownership of anything that you run through their dodgy software.


    dysamoriawatto_cobra
  • Reply 16 of 26
    dysamoriadysamoria Posts: 2,266member
    After reading this I'm now left curious as to how many individuals will still download and use. 
    Everyone who doesn’t read the EULA. 
    Geets Romowatto_cobra
  • Reply 17 of 26
    dysamoriadysamoria Posts: 2,266member
    Thank you, Apple Insider, for pointing out this egregious EULA. I don’t use this app, but these sneaky EULAs (MANY have egregious terms) are one of the things about the computer industry that I’ve been trying to get people to understand and pay attention to. They’re generally abusive and they need to be regulated into oblivion to protect society. The first step is people actually paying attention to them. 
    racerhomie3Geets Romowatto_cobra
  • Reply 18 of 26
    gatorguygatorguy Posts: 20,904member
    Rayz2016 said:
    gatorguy said:
    From the Faceapp developer in response to a question sent to them:

    We are receiving a lot of inquiries regarding our privacy policy and therefore, would like to provide a few points that explain the basics:

    1. FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud.

    2. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.

    3. We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using “Settings->Support->Report a bug” with the word “privacy” in the subject line. We are working on the better UI for that.

    4. All FaceApp features are available without logging in, and you can log in only from the settings screen. As a result, 99% of users don’t log in; therefore, we don’t have access to any data that could identify a person.

    5. We don’t sell or share any user data with any third parties.

    6. Even though the core R&D team is located in Russia, the user data is not transferred to Russia.

    Additionally, we’d like to comment on one of the most common concerns: all pictures from the gallery are uploaded to our servers after a user grants access to the photos (for example, https://twitter.com/joshuanozzi/status/1150961777548701696).  We don’t do that. We upload only a photo selected for editing. You can quickly check this with any of network sniffing tools available on the internet.



    Did you actually read the article?

    This has nothing to do with them uploading pictures; it's do with FaceApp claiming ownership of anything that you run through their dodgy software.


    Yeah, I read the article, and yeah it has to do with uploaded pictures. Did you bother to look at what what triggered the entire episode to begin with? Check the blue link I gave you. Pay attention to what the developer says about user uploaded images too in the reply they gave.

    Have you considered doing the same type of research I did to get some of these answers for the forum membership? You really should, they'd appreciate it. 

    Does this mean Faceapp is now considered trustworthy? Nope.

    That you aren't interested in what they had to say about the dustup (but i'd be more than curious why you aren't) doesn't mean no one else is. Personally I'm not convinced they've told us everything we should know either but at least some questions have now been answered, and some EULA elements explained a bit more clearly. The Europeans will make sure that what they had to say in their answer is what they actually do. 
    edited July 17 muthuk_vanalingamavon b7
  • Reply 19 of 26
    AppleExposedAppleExposed Posts: 1,381unconfirmed, member
    davgreg said:
    Not sure about now, but didn’t Facebook claim all photos you posted for themselves?

    Between the data mining, tracking and grabbing of personal IP, greed is killing the internet.
    Yes they can use your face in marketing materials etc.

    Funny thing happens when you post a picture of Mark Zuckerberg though:

    "Randi Zuckerberg, the sister of Facebook founder Mark, has complained that her privacy was breached on the social networking site when one of her photos was taken and shared on Twitter. "

    https://www.christianpost.com/news/zuckerberg-family-photo-leaked-randi-zuckerberg-angry-others-blame-facebook-87277/

    And the photo(before it was removed) was just the Zuckerberg family standing around a kitchen
    watto_cobra
  • Reply 20 of 26
    sdw2001sdw2001 Posts: 17,044member
    This is part of using free services.  I’m personally not concerned about the app.  Facial recognition is everywhere..if you use the Internet, you’re on the grid.  You are captured a dozen times a day on video even if you’re not online.  The fact is there is zero privacy if you live in the modern world.  The best you can do is protect your financial data and identity.  
    watto_cobra
Sign In or Register to comment.