Why we're all confused about FaceApp

I haven’t used FaceApp yet. And I don’t intend to - the idea of seeing what I might look like is terrifying.

However, what is even more terrifying about the app is the way in which it has caused such confusion online. The theories (and falsehoods) around the app are as much a part of the app’s virality as its core functionality.


Starting with speculation from software developer Josh Nozzi that FaceApp is uploading your photos to its own server, and then developing into a strange mini-conspiracy theory that the app was somehow connected to the Russian state - simply because the company that created it is based in St. Petersburg - FaceApp was soon at the centre of a cacophony of baseless theories about what it might be doing with your data - what it might be doing with your face.

However, although much of the speculation and fear-mongering has been shown to be false, this doesn’t mean that there aren’t some scary aspects to the way FaceApp might be using your data and images.

The only problem is, what FaceApp can do (according to the T&Cs to which you have to agree before using it) is actually not that different from what other platforms, like Snapchat, have permission to do.

A French security researcher who goes by the pseudonym Elliot Alderson drew attention to this on Twitter:

The moral of this story, then, is one that feels quite familiar: there’s no conspiracy that’s hidden from view, with evil actors tricking us all into handing them power via some nefarious trickery we’re all too well-meaning to contemplate - there’s just the world we’re living in now. (The only thing that’s somewhat hidden from view are the T&Cs that most of us don’t bother reading.)

This point has been made consistently over the last couple of days, and there are a number of good pieces out there that go explain the issues much more effectively than I have here:

Detective work

One of the most fascinating things about this story is the way in which it’s only though investigations into the software - something which was done by Elliot Alderson, and, to a lesser extent, Nozzi in the blog post - that we can really get an understanding of what’s going on. And the worst part of this is that sometimes it’s not even clear why certain things are happening. Nozzi, for example, highlights that the app has full access to your iOS photos - something which is, in fact, unnecessary:

In iOS, apps can invoke the system’s photo picker, a system-managed panel that lets users choose the images they wish to “give” to an app without granting it wholesale access to all your photos. Indeed, you can refuse it access to your photos and still use the button near the bottom to invoke this photo picker to give it just the photo(s) you want it to have. What are they doing with full access? What might they do in the future? Why request it at all?

Technology and conspiracy

These sorts of questions are tough to answer. Indeed, these dead ends are probably the very things that lead to conspiracies and rumours - but we need to be vigilant. We must avoid getting stuck on building up an elaborate picture of something that isn’t true.

Perhaps there’s some kind of link between technology and conspiracy. If technology can feel impenetrable, multi-layered, and mysterious, it’s only natural that we’d seek out ways of explaining things that make sense beyond the intricacies of dense user agreements and highly distributed applications. It’s only by getting a little closer to the software that we can really find out what’s happening and start to grapple with the more prosaic but disturbing nature of things.