FaceApp Isn’t Creepy Because It’s Russian, It's Creepy Because It’s Capitalist

FaceApp’s privacy policy is bad. Its policy isn’t uniquely bad because it’s a Russian company.
Vladimir Putin made to look older using FaceApp.

Every couple of months, photos from FaceApp—a face-editing app that uses neural network to make users look younger, older, more feminine, or more masculine—goes viral. Two years ago, it rolled out a racist face-altering feature that made people into racist caricatures of different races. This week, the app’s viral filter was its aging feature, which makes users look like they’re elderly.

Within a few hours, the Twitter conversation about FaceApp became centered on one thing: the app is made by a Russian company based in Saint Petersburg, the implication being that it must be a data collection front for the Russian government.


Now, FaceApp’s privacy policy is bad. But it’s also not uniquely bad for an app that uses image data, and it’s not bad because the company that created the app is Russian. However, the traits of this bad privacy policy are remarkably similar to many American-owned and operated apps. Weather apps. Horoscope apps. Health apps. Fitness apps.

In order to work, FaceApp requires a user to hand over access to their entire camera roll, at which point the app automatically identifies images with faces. It doesn’t allow you to only permit camera access and take, say, one photo to be used by the app, or to upload individual photos to be filtered.

FaceApp also collects a variety of personally identifiable information, including “information from cookies, log files, device identifiers, location data, and usage data.” It provides this data to vaguely-defined "Affiliates" and "Service Providers," or parties that monitor the "effectiveness" of the app, "develop and test new products," track app metrics, and "diagnose or fix technology problems.” In other words, FaceApp reserves the right to share its information across several broad categories that could include several different types of companies.

Notably, FaceApp also gives user data to "third-party advertising partners."

“This information would allow third-party ad networks to, among other things, deliver targeted advertisements that they believe will be of most interest to you,” the privacy policy states.


Notably, in a statement to TechCrunch, FaceApp said, “We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority.”

“Even though the core R&D team is located in Russia,” FaceApp told TechCrunch, “the user data is not transferred to Russia.”

Extracting data from unsuspecting users, selling and sharing that data god-knows-where, and justifying it by providing users unreadable privacy policies is a near-universal practice. It transcends Cold War phobias. It’s not Russian. It’s not American. It’s a fundamentally capitalist practice. Companies can only provide free apps and profit if they scrape and share data from the people that use it.

The fear of Russian apps seems to be in the same spirit as #ResistanceTwitter’s obsession with the Mueller Report. The discourse strayed from questioning corruption in the executive office of the U.S. government to incoherent chatter about shadowy “Russians.” The fact remains we have no idea how FaceApp is using this data, just like we don't know how lots of other apps are using our data. It should all be concerning, but FaceApp is not uniquely concerning.

There’s a legitimate discussion that we should have about how much data we hand over the private entities for the sake of mild entertainment. It’s useless to cloud that discussion with the latest American iteration of a Red Scare.