A photo storage app that offers users “free, unlimited private backup of all your life’s memories” has been secretly using customers’ private snaps to train and sell facial recognition software.

As detailed in a report from NBC News, the startup Ever launched as a simple cloud storage business in 2013, but pivoted to become a facial recognition technology vendor in 2017 after realizing that a photo app “wasn’t going to be a venture-scale business.”

Customers, though, were not informed of this change — or how their photographs and videos are now being used.

Users were not told their data was training facial recognition

The company’s original 2,500-word privacy policy stated that facial recognition helped “organize” users files, letting them group together images of the same individual. The only acknowledgement that this data was also being used to train AI was contained in a single, cryptic line: “Your files may be used to help improve and train our products and these technologies.”

After the company was contacted by NBC News in April it updated this privacy policy, adding a sentence to explain that these “products” include “enterprise face recognition offerings.” But experts say the company clearly violated users’ privacy by failing to inform them how their personal data is being used.

“They are commercially exploiting the likeness of people in the photos to train a product that is sold to the military and law enforcement,” NYU law professor Jason Schultz told NBC News. “The idea that users have given real consent of any kind is laughable.”

Ever itself has not sold its software to the military or law enforcement (its customers include SoftBank Robotics, maker of the Pepper robot) and stresses that it never shows personal data about users.

Using public photos to train facial recognition software is common

But its pivot shows how facial recognition systems are often trained by photos taken from an unsuspecting public. Huge databases of millions of photos like MegaFace and Faces in the Wild are used by academics and private firms a like to train facial recognition AI. They often contain photos scraped from public websites, like Flickr.

On Ever’s website for its facial recognition systems, the company boasts that it has one of the “largest, most diverse, proprietary tagged datasets in the world,” with more than 13 billion images and videos. It says its software is used for “surveillance & monitoring, physical access control, and digital authentication,” and can do more than just recognize individuals, and also categorize their emotions, ethnicity, and age, based on their image.

When asked by NBC News if the company had done enough to inform users about how their data was being used, Doug Aley, Ever’s CEO, said he thought so.

“I think our privacy policy and terms of service are very clear and well articulated,” said Aley. “They don’t use any legalese.”