Army command in Germany warns personnel of potential FaceApp privacy risks
STUTTGART, Germany — U.S. military officials in Europe have issued a “cyber alert” warning that a photo filter application owned by a Russia-based company could pose a security risk.
“A popular Facebook app that takes a current photo and shows you what you might look like in the future has raised concerns regarding privacy issues with the governments of several countries, including the United States,” U.S. Army Garrison Rheinland-Pfalz said in an alert to personnel Thursday.
FaceApp, which can transform the faces of younger users into senior citizens, has gone viral in recent days. The program was among the most downloaded apps this week as images of celebrities and ordinary citizens spread across social media.
However, some lawmakers are worried the product could pose privacy and national security risks, despite FaceApp’s denials of data harvesting.
Sen. Chuck Schumer, D-N.Y., called on the FBI and the Federal Trade Commission to launch an investigation into the app, saying the program accesses sensitive personal information.
“It would be deeply troubling if the sensitive personal information of U.S. citizens was provided to a hostile foreign power actively engaged in cyber hostilities against the United States,” Schumer said in a letter to the FBI and the Federal Trade Commission.
Schumer called on federal authorities to ensure safeguards are in place to protect the privacy of Americans using the application, including government personnel and servicemembers.
For the military in Europe, Russian attempts to mine smartphones and social media accounts for information has been a long-standing concern. In 2017, some troops, assigned to NATO battlegroups deployed to deter potential Russian aggression in the Baltics and Poland, had their phones and social media accounts hacked while operating near the Russian military exclave of Kaliningrad.
In its cyber warning, the Army garrison warned that installing the app allows FaceApp “access and ability to store information about its users, such as the images of their face, location, IP address, and where exactly a user clicks inside the app.”
“This data could then be sold to other companies,” the warning stated. “In addition, cyber experts warn that relatively small companies like the one behind FaceApp are vulnerable to hacking by criminals and foreign governments,” the warning stated.
U.S. Army Europe said soldiers must take personal responsibility to ensure military readiness isn’t affected by social media activity.
“U.S. Army Europe encourages all service members, civilians and their families to be conscious of the their social media security settings and ensure they fully understand the terms of service for any application they download to their personal or military mobile devices,” said Col. Joe Scrocca, USAREUR spokesman, in a statement.
Schumer’s letter said FaceApp’s risks remain unclear.
“FaceApp’s location in Russia raises questions regarding how and when the company provides access to the data of U.S. citizens to third parties, including potentially foreign governments,” Schumer wrote.
On Wednesday, the Democratic National Committee also warned its members to refrain from using the app because of concerns that the app could access users’ photos, which could in turn be used for nefarious purposes.
FaceApp, however, has denied it harvests user photos, saying it only uploads a photo selected by a user for editing.
“FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud,” the company said in a statement.
Still, questions about FaceApp come amid rising concerns over how “deep fake” imagery could be used to spread misinformation.
“In the age of facial recognition technology as both a surveillance and security use, it is essential that users have the information they need to ensure their personal and biometric data remains secure,” Schumer wrote.