Print Friendly, PDF & Email




            Faceapp, an image-editing app has caught the imagination of everyone from New York to Sydney; from Brussels to Chennai and beyond. There are millions of people, including several in India, who are transforming their current photo, using the apps age filter to see what they will look like when they are old. And these people are also sharing these photos on social media. The problem, however, is that just with any other app that uses personal data such as a photo, there are privacy concerns around FaceApp. A number of people have raised concerns, including a US senator who wants the app investigated by the FBI for possible data misuse. The primary issue seems to be a clause in the terms and conditions of FaceApp. This clause says users give FaceApp “a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license” to use photos they upload. Similar fears were raised when the trend of #10yearchallenge went viral on Facebook in January this year. In this people uploaded their photos from 10 years earlier to show how they changed.



What is FaceApp?

It’s an iPhone and Android app that takes your photos and performs some digitally wizardry to manipulate your face through a number of clever filters.


How does FaceApp work?

The app works by using the power of machine learning. This is a new technique that is increasingly ubiquitous in computing.

Essentially, rather than try to explain to a computer what it means to age – and describe using code what a wrinkle, grey hair or Werther’s Originals are – the computer will figure them out for itself by being “trained” with thousands of other photos of old people.



What do the FaceApp terms and conditions say?

One of the factors that has been amplifying the concerns has been the terms and conditions.

“You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels.




  • We end up taking up extensions and we add them to our browsers, these extensions are leaking data to companies whose entire business model resides from the fact that they know which sites you visited what have you been.
  • It is a Russian-made app the data resides in Russia.
  • The process can be sublicensed and it is stored for perpetuity so even if the app is deleted there is perpetuity.
  • All this information could be sold the point is that if there is a click-wrap agreement
  • The app gets access to information such face, name, email which is stored with them.


What is the kind of information these apps extract?

  • geolocation of the user
  • name of the person
  • The email ID
  • Access to photo gallery
  • Information about our close friends
  • lifestyle



  • It has been noticed that any apps take away information which is not needed for their usage
  • We add our extensions and these extensions are leaking data to companies.



  • India has not signed any international convention on cybersecurity.
  • More people and organization are online, leaving digital footprints everywhere.
  • Data leaked can prove out to be destructive too.
  • People donot view such issues with security point of view.
  • Information leaked can be the basis of blackmail and demanding money.
  • Companies can use this data to target on ewith ads.



Way forward:

  • We need to educate the children especially school students because teh young generation is using these apps time and day.
  • Important for the experts to be a part of the PPP discussions.
  • Right stakeholder engagement needs to be represented by having experts from various industries come and talk about it.
  • Both laws and Technology need attention.
  • Strong privacy laws.
  • Personal data protection bill as well as Draft intermediary guidelines need to move on soon.
  • Explanation of basic technology to the vulnerable sections is very crucial
  • Outreach program to educate people.
  • Internet governance is required.
  • Strict government actions whenever required,
  • Funding mechanism whether through CSR or through the common machinery or public sector undertaking, the corporates have to get involved and work together.
  • Creating more avenues and opportunities where stakeholders, civil society, media private sector academia to engage with the government on an everyday basis.



India has a stronger bargaining chip than most nations in pushing for data localisation — access to its billion-strong consumer market.

There will be ample of information for intelligence agencies, they may not waste their more time and energy and also there will be no fear to those officers to get information illegally if this law comes into existence.

Data is a two sided coin, in heads its showing a global flow of $2.8 trillian in 2014 and expected to reach $11 trillian in 2025 and in tails side breach of fundamental rights like privacy – Article 21 ( puttaswami vs union of india) and right to profess and practice once desired profession also indirectly impacting along with national security problems.

In this complex situation Government should frame a strong data policy which can utilise economic benefits and which can uphold its citizens rights and national security interests.

Source: click here