FaceApp, the Viral Sensation—With Shades of Cambridge Analytica?

by: The Knowledge Group

July 22, 2019


If some of your social media friends suddenly look a lot older, their photos might have been altered by FaceApp, which digitally ages selfies.

With its portrait predictions amounting to either uncanny hits or cringeworthy misses, the Russian-owned app has proved irresistible to millions. Now, what is FaceApp’s position on user privacy?

The app collects photos and stores them in the cloud. It also stores information about how people use FaceApp, and lets corporate partners advertise to people through the app. It records IP addresses, browser types, and referring  URLs. It captures metadata—location tags and other tracking details—and keeps tracked data even after users remove the app. Lately, the panic over privacy suddenly went as viral as FaceApp itself. The outcry is in some ways reminiscent of the widespread alarm over Cambridge Analytica, which acquired access to people’s information by way of distributing online quizzes.

The company insists that Russia receives no FaceApp user data (although the FaceApp developer team is located in Russia) and that users may request deletion of their data from FaceApp servers.

The Democratic National Committee is telling 2020 candidates to stay away from the app in any case.

How Does Your Company Handle User Data? Key Compliance Rules in 2019

Should your company’s data collection and handling policies evolve? Legal experts and managers need to be well-versed on the ethical obligations, such as a duty of competence and duty of confidentiality, pertinent to companies that regularly handle personal data.

Class actions challenging data collection have been certified with low thresholds of harm. What are reasonable efforts to address data security? What should U.S. and international companies know about the right to be forgotten under the GDPR and California’s Consumer Privacy Act?

This live webcast will also consider several related topics, such as:

  • Handling cybersecurity breaches.
  • Attorney-client privacy breaches and lawyers’ ethical obligations.
  • What to look for in cybersecurity insurance.

The rules and best practices are changing. Join us at our Knowledge Group Online CLE Data Security Webinar Tuesday, July 30, from noon to 1p.m. eastern time.