Seems like nearly everyone on Twitter is accepting the #FaceAppChallenge by posting aged photos of themselves.

They are using FaceApp, a downloadable program available on Apple’s App store and the Google Play store, which lets you apply filters to your photos to transform your appearance – to make you look younger or older, have a different look, or even more masculine or feminine. Those can be shared online and on Twitter, Facebook and other social media sites.

FaceApp, which uses artificial intelligence to create "neural face transformations," first gained prominence in spring 2017. But a new wave of interest has made FaceApp the top free app in both the Apple and Google app stores, according to measurement site App Annie.

Celebrities have embraced the app, too, with Carrie Underwood, the Jonas Brothers and actor/rapper Ludacris among those posting pictures of themselves aged using FaceApp. Athletes are also using the app.

Some privacy and security experts have expressed concerns that users granting the St. Petersburg, Russia-based FaceApp access to photos on their smartphones is a grand giveaway of privacy and personal information.

Facebook ad tracking:How you can see which companies found you on Facebook

Is Facebook listening to me? Why those ads appear after you talk about things

What does FaceApp say it may do with your photos?

Users often grant access to their photos – and to their Facebook account – to use the app, but FaceApp's Terms of Service and Privacy notifications don't explain how deep its access may go. (Users can opt to just access a pool of celebrity photos, rather than their own photos.)

However, in the company's Terms of Service, it says users grant FaceApp "a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable, sub-licensable license to use, reproduce ... create derivative works from ... and display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you."

James Whatley of digital marketing firm Digitas noted on Twitter that FaceApp's "terms of service page is a DOOZY."

Silicon Valley lawyer Elizabeth Potts Weinstein, also on Twitter, reiterated the concern that using FaceApp gives the company "a license to use your photos, your name ... and your likeness for any purpose including commercial purposes."

Should I be concerned?

Yes, say cyber experts, since it is uncertain what else FaceApp can access and how it might be used.

“While it may initially seem private, the terms of service from FaceApp may raise some concern around privacy since it’s not entirely clear on what is happening behind the scenes," said Gary Davis, chief consumer security evangelist for McAfee, a Santa Clara, Calif.-headquartered cloud cybersecurity company says.

Access to other information the app gets could be used for marketing purposes, too, as its privacy notifications say, that "may help us or others provide reports or personalized content and ads."

Most users don't read these notices, says Jason Hill, lead cybersecurity researcher at CyberInt Technologies, a security firm based in Tel Aviv, Israel.

"Users should always be cautious when permitting an app access to their personal information, be it social media profiles, photos or contacts," he said. "Furthermore, individuals should consider that they may not only be exposing themselves to an app provider as, when permitting access to a social media profile and its photos, may inadvertently permit access to images containing others."

FaceApp had not yet responded to a request for comment from USA TODAY.

While there "is no immediate evidence to suggest that FaceApp is performing any nefarious task," Hill said, "as in any case when an app or service is requesting personal information or access to profiles, users should be cautious of oversharing."

Various pieces of your digital profile – acquired through various apps and social networks – could be compiled. "For example, collating photos associated with a user could, where present, allow image metadata, such as the location that a picture was taken, to be mapped and correlated with access logs, gathered when the user accesses the service, that will associate details of their IP address, ISP (internet service provider) and the device (including browser, operating system and hardware)." Hill said.

What about other apps?

Popular video app TikTok is another app to be concerned about, says David Carroll, a professor of media design at The New School in Manhattan. Since FaceApp is based in Russia and TikTok is based in China, it's "safe to assume those governments can readily access your data."

Carroll’s attempt to retrieve his data accessed in Facebook's Cambridge Analytics scandal in Wired and the Netflix documentary "The Great Hack."

Tech firms based outside of the U.S. are "subject to different standards or governance for data handling," CyberInt's Hill said. "Whilst many individuals may not be concerned by this, users working in government, military or sensitive roles may want to consider the ramifications of potentially exposing their personal data to foreign entities."

TikTok told USA TODAY that it is working with "an independent, US-based internet privacy firm to audit our practices and confirm that we are employing industry-leading standards for the storage and protection of TikTok user data."

Certain countries, such as Russia and China, "have shown little regard for the privacy of people using technologies based there," McAfee's Davis said.

"It’s always best to err on the side of caution with any personal data and think carefully about what you are uploading or sharing," he said. "A good security practice is to only share personal data, including personal photos, when it’s truly necessary.”

The Tennessean contributed to this report. Follow USA TODAY reporter Mike Snider on Twitter: @MikeSnider.