Mobile App Privacy Policies: Your Data Privacy at Stake

Family Taking a Selfie Using Smart Phone

Throughout the Summer of 2019, our social feeds got a facelift as friends and celebrities posted aged pictures or selfies of themselves. FaceApp, a free photo editing app, uses Artificial Intelligence (AI) technology to apply several quirky filters to the photos you upload from your mobile device’s camera roll. It quickly went viral, becoming one of the most downloaded apps for both IOS and Android, with over 150 million downloads.

As FaceApp grew in popularity, so, too did concerns from cybersecurity experts regarding the app’s privacy policy. We started to see unease in the news, over the possibility that the technology behind apps like FaceApp can store or expose the vulnerable facial recognition data of millions of individuals worldwide. Generally speaking, mobile device users should be careful of the apps and services they may be permitting, albeit unknowingly, to gather and store their personal data.

Let Me Be Me: Biometrics and Personal Privacy at Risk

We all tend to scroll quickly through the Terms and Conditions of apps without really understanding possible threats regarding how our data is collected and shared. Your photos and biometrics, like other Personally Identifiable Information (PII), is valuable to cybercriminals and identity thieves, because it can be used to authenticate various accounts and devices. According to an IBM Future of Identity Study, more than half of all consumers have concerns about data collection and how it is applied, including the potential for cyberthieves to use spoofed biometrics to access sensitive information.

FaceApp’s popularity, and its privacy policy, gained the attention of United States government officials who have stepped in and requested the FBI and FTC take a more in-depth look at the app’s safety. For example, the aging filter in FaceApp is powered via cloud-based technology, raising some worry as to where the photos are being stored, and for how long. FaceApp responded to the concerns, indicating most images are deleted from its servers within 48 hours, and while the company is headquartered in Russia, it doesn’t transfer user data to Russia and it does not share or sell data with third parties.

Before downloading the app, keep in mind that under its privacy terms, you are permitting FaceApp to have perpetual and irrevocable permission to “access, collect, monitor, and store” the following, every time you open the app:

  • All photos or other content that is uploaded to the app (and it’s been reported that there was a security flaw enabling full camera access; however it is a known functionality of iOS devices to allow apps individual photo access without granting full photo album permissions)
  • Cookies and data that identifies your device to share with third-party advertisers to deliver targeted advertising
  • Your IP address, browser type, pages visited, clicks of links, domain names, and what emails you open in connection with the app

Get Ahead of Mobile App Security

Many free mobile apps have privacy policies that we often ignore without realizing the consequences. When creating a new account or downloading a new app, you are frequently asked to agree to the Terms and Conditions. In a hurry to proceed, we don’t stop and consider that once we click “accept” we legally hand over control of the collected information to the company behind the app and possibly unknown third parties.

If the shared photos and personal data gathered by these apps were to be breached and sold on the Dark Web, an identity thief would be armed with the information necessary to commit synthetic identity theft. This risk is especially true for our children providing access to social media and free apps such as FaceApp. For iPhone users, Family Sharing helps parents control which apps their children are purchasing by having the “Ask to Buy” feature. Using this feature, children must gain parental consent before actually downloading any app to their device.

Tips to Protect Your Mobile Device

  1. Update App Permissions. Restrict apps from accessing your location and photo library on iPhone or Android devices.
  2. Use a Virtual Private Network (VPN). VPN safeguards your devices while your family roams the internet.
  3. Automatically Install Software Updates. Unless you have set your mobile apps to update automatically, avoid security gaps that criminals can use to access your personal information by checking for updates monthly.

Continue following Fighting Identity Crimes to get the latest breach and scam updates, ID protection news & tips from our industry experts!

Follow us on social!
Facebook | Twitter | LinkedIn 

 

The views and opinions expressed in this article are those of EZShield Inc. alone and do not necessarily reflect the opinions of any other person or entity, including specifically any person or entity affiliated with the distribution or display of this content.

Donna is the Chief Marketing Officer of Sontiq, the parent company of the EZShield and IdentityForce brands. She is responsible for global marketing initiatives...
Read more about Donna Parent.

Leave a Comment.