FaceApp has exploded with celebrities including Drake, Nick Jonas, NBA star Dwayne Wade and late-night host Stephen Colbert using it to edit pictures of themselves to appear decades older or years younger.

The photo-editing app, created by Russia-based developer Wireless Lab in 2017, uses artificial intelligence software to also “swap” your gender. It’s recently experienced a surge in popularity with the app becoming the most-downloaded free item from Apple's App Store and Google Play Store.

But privacy experts argue the app requires users to give up too much personal information, and that users should be reading the application’s terms and conditions more carefully.



FACEAPP CAN USE AN IMAGE ESSENTIALLY HOW IT WANTS

According to the “User Content” section of FaceApp’s terms and conditions, app users agree to “grant FaceApp a perpetual, irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferable sub-licensable license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, publicly perform.”

Technology analyst Carmi Levi told CTV News Channel this means users are allowing developers to "do whatever they want with the (photos) and we have no legal recourse."

He added that the FaceApp terms and conditions are not unique. "It's not just this app, most apps we install need to access certain resources .. like the microphone or the camera or our contacts," he said, which he warns leads to "dozens of applications on our phones that have all sorts of crazy access."

Privacy expert Ann Cavoukian agrees, telling The Canadian Press that users should be wary of apps that share something as personal as one's face because they may be used in unintended ways.



FACEAPP CAN MAKE MONEY OFF YOU

The terms also state the app can profit off user-submitted images without paying them a dime.

The app states it can “display your User Content and any name, username or likeness provided in connection with your User Content in all media formats and channels now known or later developed, without compensation to you.”

“When you post or otherwise share User Content on or through our Services, you understand that your User Content and any associated information (such as your [username], location or profile photo) will be visible to the public,” it continued.



FACEAPP WILL UPLOAD PHOTO TO CLOUD, BUT NOT ENTIRE PHOTO LIBRARY

An unsubstantiated allegation against the app is that a user’s entire photo library is uploaded to FaceApp’s servers.

The confusion stemmed from an iPhone feature that shows users’ photo library within the app. It’s an Apple feature that lets you select a specific photo, but doesn’t grant the app full access to the library – even though it looks like it does. However, users do have the option of giving the app access to their photo library.

Matthew Panzarino, editor-in-chief of technology news website TechCrunch, noted another concern with FaceApp. He wrote that when people edit a photo, it isn’t edited on a user’s device and, instead, FaceApp “uploads your photo to the cloud for processing.”

The developer Wireless Lab confirmed to the outlet that while the app may store the photos in the cloud, “most” are deleted after 48 hours and none of the users’ data is transferred to Russia.

It also told the outlet that users can request to have their data deleted.

FaceApp requiring users to upload their selected photos to the cloud was first noticed by French security researcher Baptiste Robert, Guardian Firewall CEO Will Strafach and several other app developers. They made the findings after each analyzed the app’s network traffic.



FACEAPP COLLECTS BROWSING HISTORY AND LOCATION

In addition to photos generated by the app, FaceApp also collects information about browsing history and location.

But the terms also state "we will not rent or sell your information to third parties outside FaceApp." It did explicitly state that the app will share information with "third-party advertising partners” to deliver targeted ads to users.

When the app was first released, The Washington Post criticized FaceApp’s privacy conditions as users were complaining at the time that the privacy policy was “creeping people out.”

Around the same time, the chair of the Australian Privacy Foundation David Vaile said FaceApp’s developers asked for “way more rights than they need to offer the service to you.”



FACEAPP SHOULD HAVE BEEN MORE UPFRONT: CRITICS

Levi said because users aren’t in complete control of their photos "once you use the app, you've pretty much opened the door and you can't really close it afterwards."

Strafach agreed and said the company should have been more upfront and urged users not to add the app. "Bottom line is they were handling sensitive data and they handled it cavalierly and that's just not cool," he told The Associated Press.

On Wednesday, the ranking Senate Democrat Chuck Schumer wrote a letter to the FBI and Federal Trade Commission saying he was concerned the app posed a “national security and privacy risks for millions of U.S. citizens."



FACEAPP BRIEFLY RELEASED RACE-SWAPPING FILTER

When the app was released in January 2017, it came with filters which added fake smiles to photos and other filters which made a user look “hotter” by essentially whitening people’s faces.

The latter was briefly renamed “spark” before it was removed in April following online anger.

The founder, Yaroslav Goncharov, was forced to apologize saying, “we are deeply sorry for this unquestionably serious issue. It is an unfortunate side-effect of the underlying neural network caused by the training set bias, not intended behavior.”

Later that year, the same app made headlines when it briefly released its “ethnicity change filters” which allowed users to see what they’d look like if they were black, Asian, Indian or white.

Following backlash, the founder removed the filters and apologized.

With a file from The Canadian Press and The Associated Press