According to an Indian security researcher Athul Jayaram, who flagged the issue, the app contains a feature that allows users to download and edit photos from their Facebook accounts. However, this option will only work when a user enables when a user accesses the FaceApp account via ‘Login with Facebook’ option.
Jayaram said whenever a user logins to FaceApp with Facebook credentials, the app enables a feature called “Social Stylist,” designed to allow users to invite their Facebook friends to vote for their posts. However, the researcher clarified that the feature was discontinued after reporting the issue to FaceApp.
“We don’t have this data anymore and planning not to request this permission soon. We used to have some social features (Social Stylist: you could invite your friends to vote for the best style, have a feed, etc.), those features needed this permission,” FaceApp CEO Yaroslav Goncharov said in a statement. “Please note that don’t require a Facebook login for FaceApp to work, so only a few users are logged in.”
It all began after several experts and users finally read the terms and conditions of the app. Over user content, It reads, “You grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform and display your User Content, and any name, username, or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.”
The app is over two years old and was created by a Russian developer. “I would be cautious about uploading sensitive data to this company that does not take privacy very seriously, but also reserves broad rights to do whatever they want with your pictures,” said Justin Brookman, a former policy director for the Federal Trade Commission’s Office of Technology Research and Investigation to CNBC.