A senior US senator on Wednesday urged the FBI and the Federal Trade Commission to investigate the trending FaceApp photo app which was created by Russian company over concerns that users’ data are being transferred on to the Russian government (Moscow).
In a letter sent to chair of the FTC Joseph Simons and to FBI director Christopher Wray, the Senate minority leader Chuck Schumer raised concerns that the FaceApp, which is headquartered in Saint Petersburg, requires users to hand over “full and irrevocable access to their personal phone and data”.
He stated that this could pose “national security and privacy risks for millions of US citizens”, calling on the FBI to assess whether Americans’ information was “finding its way into the hands of the Russian government”.
Democratic National Committee chair Bob Lord on Wednesday sent a similar warning to the 2020 presidential campaigns urging them to delete the app, according to a report by CNN.
The Democratic National Committee itself was targeted by Russian hackers in the lead-up to the 2016 election, as part of a campaign to interfere with the US election.
FaceApp is a photo app developed by Russian company Wireless Lab and launched in 2017, it went viral this week after introducing a tool that allowed users to edit photos of their faces to show what they might look like when they were older.
According to its website, the app uses artificial intelligence to power its photo editing software and has 150m active users. There is no evidence that it is sharing data with the Russian government.
Mr Schumer also called for the FTC to assess whether there were “adequate safeguards” to protect user privacy and raise awareness of the risks if there were not.
“In the age of facial recognition technology as both a surveillance and security use, it is essential that users have the information they need to ensure their personal and biometric data remains secure,” he said.
But according to Techcrunch, the company denied sharing or selling data with third parties and said that while its core R&D department was in Russia, user data were not sent there. Most user data were deleted from its platform within 48 hours, it said.