GENDERBENDER FILTER | Privacy concerns raised anew with FaceApp gender switch filter

June 19, 2020 , 01:29 PM

By Katrina Elaine Alba

(June 19, 2020) – Cyber security experts have raised privacy concerns in the latest craze in social media with the introduction of the viral gender switch filter of a photo-editing application.

FaceApp has become an instant hit on Facebook with its filter that edits users’ photos to make them appear as their opposite gender.

But social media users of the app were told to exercise caution as it has potential privacy violations and data captured by the app may possibly be used for some criminal acts.

Cybersecurity Philippines-CERT warned users to be careful with allowing social media applications to use users’ photos, as facial biometric features are used in lieu of passwords in iOS devices.

The group said the Facebook app may also be used for data mining “by cyber criminals or those with malicious intent against the individuals”, and weaponize it for “the use of deep fake, face swap or other media editing apps for identity theft and fraud, demolition, extortion, defamation attacks.”

FaceApp first drew flak when it launched in 2017 for its “ethnicity” filter, which edited user photos to make them appear as people of various races.

It once again became viral in 2019 for its “old age” filter.

But US Senator Chuck Schumer warned against using the app after consulting with the Federal Bureau of Investigation (FBI).

“The FBI considers any mobile application or similar product developed in Russia, such as FaceApp, to be a potential counterintelligence threat, based on the data the product collects, its privacy and terms of use policies, and the legal mechanisms available to the Government of Russia that permits access to data within Russia’s borders,” the bureau said in a letter tweeted by the Democratic senator in 2019.

A warning to share with your family & friends:

This year when millions were downloading #FaceApp, I asked the FBI if the app was safe.

Well, the FBI just responded.

And they told me any app or product developed in Russia like FaceApp is a potential counterintelligence threat. pic.twitter.com/ioMzpp2Xi5

— Chuck Schumer (@SenSchumer) December 2, 2019

FaceApp was developed by Wireless Lab, a company based in St. Petersburg, Russia.

The photo-editing application works by asking users to select a photo, which would be uploaded to a cloud, where the photo processing would take place.

FaceApp said they use “neural network technology that automatically generates highly realistic facial transformations” and use third-party cloud providers, specifically Google Cloud Platform and Amazon Web Services, to edit the photographs.

It clarified the app only uploads the photos specifically selected for editing, encrypt them with a key stored in the users’ device, and remain in the cloud for 24 to 48 hours.

“We do not use the photographs you provide when you use the app for any reason other than to provide you with the portrait editing functionality,” the developer said in FaceApp’s privacy use statement as of June 4.

“We make personal information into anonymous, aggregated or de-identified data by removing information that makes the data personally identifiable to you,” it added.

But as with other social media applications, FaceApp collects information such as name, list of friends, and online activity data for marketing and advertising.

FaceApp also said they “may sell, transfer or share some or all of business assets, including your personal information, in connection with a business transaction.”

A Canada-based think tank, the Centre for International Governance Innovation (CIGI), said in April that “like many other apps, FaceApp was not designed to respect the privacy of users.”

“It is unclear if FaceApp is an arm of the Russian government, but the company’s terms of use gives it great power to control info it collects. But it is not alone,” said author Susan Ariel Aaronson in a paper that studies the risks of using apps such as Facebook and TikTok.

This comes a week after netizens raised the alarm over the proliferation of fake, empty accounts on Facebook. Some of these dummy accounts even messaged threats to their namesakes.

The government met with Facebook Philippines last Tuesday to determine whether there is coordinated, malicious intent with the creation of the ghost accounts.

Justice Undersecretary Markk Perete said on Thursday that they have already received 198 complaints involving around 300 accounts, and asked Facebook to remove them. But they did ask the social media giant for a copy of these to figure out who created them. (MM)

Privacy Statement

Our Privacy Commitment

TV5 Network Inc. values and respects your privacy. We are committed to safeguarding your personal data in compliance with Republic Act No. 10173 or the Data Privacy Act of 2012 and its implementing rules and regulations.

We have developed a Privacy Policy that adopts and observes appropriate standards for personal data protection. While our Privacy Policy sets out the general principles governing the collection, use, and disclosure of our users’ personal information, our Privacy Commitment seeks to inform you more about TV5’s privacy practices.

Why do we collect your personal information (as applicable)?

We may collect and maintain basic information about you as site user of TV5 sites for the following purposes:

To deliver news and updates on current events, sports, esports and entertainment;
To share livestreams of news and sports events;
To understand our viewers’ needs and preferences;
To meet legal and regulatory requirements; and
To perform other processes or disclosures that are required to comply with pertinent laws, rules, or regulations.

Where do we get your personal information?

There are several ways we collect your personal information.

Information that you personally provided.

Most of the personal information we have are those that you have provided us when you:
- Register to our programs or services;
- Inquired, filed a complaint or requested for our services;
- Took part in our research and surveys; and/or
- Became our Partner, Vendor, Contractor or Supplier.

Information we collect during your engagement with us

We also collect information as you use our products and services, like:
- Viewing our websites;
- Activities that are being tracked by our website cookies;
- Calling our hotline;
- Using our apps, websites, and self-service channels and portals; and/or
- Joining our promos, prize raffles, or rewards and loyalty programs.

Information we collect from other sources

Other means of collection of information may be through:
- Our market research initiatives;
- When you visit and use our websites and mobile application; and
- Subsidiaries, affiliates, and third-party business partners to whom you have given consent to share your information to us.

When do we disclose personal information?

There may be instances when we are required to share the information you provided us. In such cases, we ensure that your personal information will be disclosed on a confidential manner, through secure channels and in compliance with the Data Privacy Act and other privacy laws.

We will never share, rent, or sell your personal information to third parties outside of TV5 except in special cases where you have given consent, and in cases described in our privacy policy.

In some instances, we may be required to disclose your personal information to our agents, subsidiaries, affiliates, business partners and other third-party agencies and service providers as part of our regular business operations and for the provision of our programs and services. This means we might share your information with our service providers, contractors, and professional advisers who help us provide our services.

How we protect your personal information

The integrity, confidentiality, and security of your information is important to us. We have implemented technical, organizational, and physical security measures that are designed to protect your information from unauthorized or fraudulent access, alteration, disclosure, misuse, and other unlawful activities.

We also put in effect the following safeguards:

We keep and protect your information using a secured server behind a firewall, encryption and security controls;
We keep your information only for as long as it is necessary for us to (a) provide the products and services that you avail from us, (b) for our legitimate business purposes, (c) to comply with pertinent laws, and (d) for special cases that will require the exercise or defense of legal claims;
We limit the access to your information only to qualified and authorized personnel who are trained to handle your information with strict confidentiality;
We undergo regular audits and rigorous testing of our infrastructure’s security protocols to ensure your data is always protected;
We promptly notify you and the National Privacy Commission when sensitive personal information that may, under the circumstances, be used to enable identity fraud are reasonably believed to have been acquired by an unauthorized person; and
We let you update your information securely to keep our records accurate.

TV5 will not collect, use, or disclose your personal information for any purpose other than the purpose that you may have given your consent for.

What are your choices?

We make sure that we have your consent to continue to collect, use, and disclose your personal information for the purposes that we have identified. We want you to know that you may object or withdraw your consent and/or edit your consent preferences at any time.

If you wish to have access to the personal information in our custody or if you think that the personal information you provided is incomplete, or otherwise inaccurate, you may get in touch with our Data Protection Officer through the contact details provided below. In some instances, we may request for supporting documents or proof before we effect requested changes.

Data Protection Officer
TV5 Network Inc.
Reliance corner Sheridan Streets
Mandaluyong City
tv5dataprivacy@tv5.com.ph

What happens when there are changes in our Policy?

From time to time, we may update our privacy policy and practices to comply with changes in applicable laws and regulatory requirements, adapt to new technologies and protocols, and align with the best practices of the industry.

You will be provided notices if the changes are significant and, if we are required by law, we will obtain your updated consent.