How businesses could be exposed to security risks from employees using FaceApp

Where the app itself may not be as risky as some jittery US Senators think, it’s generally a bad idea for employees to download unauthorised apps onto corporate devices. My twitter feed is swamped with discussions about this years-old app. It’s truly “gone viral”…:

[…] FaceApp CEO Yaroslav Goncharov talked to TechRepublic about the safety of his app. “FaceApp performs most of the photo processing in the cloud. We only upload a photo selected by a user for editing. We never transfer any other images from the phone to the cloud. We might store an uploaded photo in the cloud. The main reason for that is performance and traffic: we want to make sure that the user doesn’t upload the photo repeatedly for every edit operation. Most images are deleted from our servers within 48 hours from the upload date.”

Goncharov said, “We accept requests from users for removing all their data from our servers. Our support team is currently overloaded, but these requests have our priority. For the fastest processing, we recommend sending the requests from the FaceApp mobile app using ‘Settings->Support->Report a bug’ with the word ‘privacy’ in the subject line. We are working on the better UI for that.”

Goncharov added, “Even though the core R&D team is located in Russia, the user data is not transferred to Russia.” He also said that the only photo that is uploaded is the one that is selected for editing, not all photos in the user’s gallery.

[…]

Read the original article here