COMMENT: In light of FaceApp controversy, users need to understand data privacy

Yahoo News Singapore

26 July 2019 at 8:17 am

By Shashwat Khandelwal

Here’s a familiar story – a popular, viral app catches the user’s eye, and the app store they are using affirms that the app is secure and verified. They download and install the app.

The user then skims through the app’s overview to understand its functions. Notices appear, requesting for permission to access user’s location data, the camera, address book, and other device functions. The user grants all these permissions before using the app.

Sounds fine so far? It isn’t.

In most cases, the user is never prompted to review the Privacy Policy or Terms of Service of the app to check on how their data is handled, nor does the app explain why certain permissions are required.

The FaceApp furore

Recently, the internet has been up in arms over privacy concerns that have been raised over FaceApp, a viral image-editing app with multiple celebrity and influencer endorsements. It uploads photos to a cloud server and uses artificial intelligence to edit the photos. With the popularity of the app, watchdogs raised privacy concerns – the app could potentially extract images from users’ photo galleries.

In response, FaceApp released a statement, saying that the company would not “sell or share any data with third parties”. It was also found that the app only uploads photos which a user has consented to upload – that is, by selecting images for processing.

Yet, there is still concern over the intrusive terms of service: FaceApp users grant the company “irrevocable rights” to use or reproduce data that has been submitted to the app on any new or existing channels. Since photos are uploaded onto FaceApp’s cloud servers, the company can potentially use or reproduce the data that has been submitted to the app for their own gain.

What’s worse, it’s not just FaceApp. Nearly all social media and photo platforms have similar clauses in their terms of service, and privacy policies. Apps are an integral part of our life with their developers potentially privy to such information of their entire user base.

In a world where data is less private

It’s not enough to join in the outrage when user data is compromised – users need to better understand what data privacy is about.

Legislation such as the Personal Data Protection Act (PDPA) has been implemented internationally: The Act regulates the use of data by examining user consent, the purpose of data collection, and the reasonableness of data use.

The EU has similarly introduced the General Data Protection Regulation (GDPR), which mandates that users have a right to obtain confirmation from data collectors on how their personal data is being processed. Users also have a right to request to be ‘forgotten’ by having all their data erased from the database of data collectors, among other clauses.

Still, regulators and the industry can do more by implementing stringent rules, which require apps and services to disclose their terms and services to the end user as well as standardising and simplifying this complex space. Companies also need to be more responsible and transparent with their data collection practices.

In the meantime, user data is still at stake, and users need to be responsible by doing their due diligence in protecting their data.

Securing data with basic cybersecurity practices

While the ecosystem for apps and platforms is still evolving in how user privacy is ensured, there are steps that users can take to secure their data.

First, be aware of best practices to ensure that your smart devices and data are safe.

Before installing an app or service, do a simple audit: is the platform that the app is on trustworthy and secure? Has the app raised privacy or security concerns? What permissions does the app require and are the permissions logical? This information is easily accessible via a quick search.

For example, in April this year, 46 apps by Chinese developer DO Global were removed from Google Play. Of these, some camera apps required over 30 permissions, while other apps providing similar services required less than half. The apps used the devices they were installed on to commit ad fraud, while mining user data at the same time. The story was widely covered to raise awareness among users, with many publications warning about the apps.

Second, scrutinise the data disclosed, and permissions granted to apps.

Users have the right to disclose or keep their data private. If an app or service seems too intrusive or provide insufficient information on how user data will be utilised, it will be best to abstain from using it.

When using an app, users should minimally review the terms of service, paying particular attention to sections mentioning what data is collected and used. Knowing this, users must be selective of the data that they disclose to apps, to prevent sensitive information from being compromised.

To illustrate, user profiles and photos are kept on social media databases long after they are ‘deleted’. To prevent data from being compromised due to misuse, or in breaches, users should abstain from uploading any personally identifiable information.

There are also other practices to ensure data security.

Passwords are the key to plenty of user data and user’s digital identities; it is imperative to use strong passwords that are easy to remember for humans while being difficult for machines to brute force – this example illustrates it well. Alternatively, a trustworthy password manager is an option.

Last, but not least, use reliable security software, and schedule regular updates and scans to ensure that smart devices are clear of threats. As the world becomes more interconnected, it is not surprising for threats, such as phishing attacks for personal data, malware, and adware to enter undetected. Having a security software in place will allow users to detect threats in real time, and check systems for any malicious files. Users can also reduce the risk of these threats by not visiting suspicious sites, and not opening suspicious links or files from unverified sources.

Privacy is a right, and intrusiveness is not the new normal

Data is the new oil, and organisations all over the world are getting hungrier for user data. Against this backdrop, users need to remember that data privacy is a right and be selective about the data that they disclose on various platforms – they should even abstain from using a particular app or service unless they are satisfied by what they see. While data privacy regulations are being put in place, more needs to be done on the part of regulators and companies to protect end user data.

The uproar over the FaceApp privacy concerns shows that users are aware of their right to data privacy, which is a good start. When combined with a better understanding of how data can be misused, and adhering to best practices, they can cover more bases to ensure their data and personal information stay secure.

Shashwat Khandelwal is Head of Southeast Asia Consumer at McAfee.

Prior to joining McAfee, Shashwat was the Vice President of Business Development for tenCube, a Singapore mobile security startup that was subsequently acquired by McAfee. Before tenCube he served in various technical roles at Motorola ranging from solution architecture to system engineering.

Related stories:

The privacy panic over FaceApp

FaceApp challenge: Privacy experts warn over using Russian ‘ageing’ app

Cosmo
Sabrina Carpenter looks practically naked in completely see-through lace mini dress
Sabrina Carpenter went braless wearing the Mirror Palais Anemone Dress in butter featuring illusion tulle adorned with lace appliqués along the neckline and hem
a day ago
People
“Call Her Daddy'”s Alex Cooper Models Her Wedding Night Lingerie in Instagram Reveal: See the Racy Look
Cooper wore a sexy lacy bodysuit from SKIMS' Wedding Shop collection after marrying Matt Kaplan in Mexico
2 days ago
The Telegraph
Russia has found the critical vulnerability in Nato’s American tanks
The arrival of the US M1A1 Abrams tanks in Ukraine was hailed as a turning point in the war. Coming in at roughly $10 million a unit, the Nato stalwart was supposed to provide the armoured fist that would punch through the Russian lines. But tactics evolve quickly in warfare, and Russia’s use of surveillance and hunter-killer drones has led to heavy casualties for Ukraine’s tank fleets. This is alarming for NATO. If Russia has found critical vulnerabilities in our armour, our borders are beginni
8 hours ago
The Telegraph
China is the enemy of the world and has nobody to blame but itself
Secretary of State Antony Blinken’s multi-day trip to China this week caps a particularly busy stretch of meetings between US and Chinese officials. Treasury Secretary Janet Yellen was in Beijing earlier this month where she delivered remarks about establishing a floor underneath the US-China relationship and was photographed drinking a beer at a local brewery. On April 5, US and Chinese defence officials held maritime talks for the first time in three years. And on April 16, US Defense Secretar
a day ago
Yahoo News Singapore
Fatal accident in Tampines: 42-year-old driver involved in crash charged with four offences, including dangerous driving causing death
After a fatal collision in Tampines, Muhammad Syafie Ismail, 42, faces four charges including dangerous driving causing death.
2 days ago
Euronews
Russian actress who hosted 'almost naked' party fined for calling for peace in Ukraine
Anastasia Ivleeva fell foul of a law that sanctions remarks discrediting the Russian military.
a day ago
The Independent
Bully dog found beheaded, burnt and cut into pieces near children’s playground
A dog walker made the horrific discovery on Tuesday morning
a day ago
Evening Standard
Liverpool: Darwin Nunez tipped to be sold by Arne Slot after 'unforgivable error'
The striker was again guilty of a huge miss as Everton all but ended Liverpool’s title hopes
2 days ago
The Telegraph
Horse trainer accused of rape and murder found dead at home
A horse trainer who was accused of the murder and rape of a showjumper he was in an “illicit relationship” with has been found dead before the second day of his trial was set to begin.
2 days ago
INSIDER
Malaysia might add a casino to boost troubled $100 billion mega-development Forest City
The casino, which would only be the second in Malaysia, could revive the struggling property.
a day ago
The Telegraph
‘It is abuse... enough is enough’: Marcus Rashford’s message to Man Utd fans – posted at 12.36am
Marcus Rashford has hit out at the abuse he has suffered this season and said “enough is enough”.
5 hours ago
CNN
Secret Service says agent on Harris’ detail was removed from assignment after distressing behavior
A Secret Service agent assigned to Vice President Kamala Harris’ detail was removed from their assignment after displaying behavior that colleagues found “distressing,” the agency said.
18 hours ago
Country Living
Royal Expert Says Prince Harry Is in a "Painful Place" Due to Writing About Kate Middleton in 'Spare'
A royal expert says Prince Harry is in a painful place after writing about Kate Middleton in his bombshell-filled memoir, 'Spare.'
22 hours ago
InStyle
Prince Edward and Duchess Sophie Feel Disappointed by King Charles Royal Title "Snub"
The "chosen ones" are reportedly sad they didn't get new roles after Prince William and Kate Middleton's latest appointments.
a day ago
The Telegraph
Mohamed Salah can spearhead Liverpool’s new era but the jury is out on Darwin Nunez
In the aftermath of a particularly demoralising defeat, former Liverpool manager Gerard Houllier once appealed to the Kop with the observation: “We don’t destroy our heroes today when we worshipped them yesterday.”
a day ago
Cinema Online
Jacky Wu and his "Mr. Player" team filmed in Penang for four days
The Taiwanese host is back in Penang again after filming in the island back in 2015 and 2019
17 hours ago
SETHLUI.COM
Shi Wei Da Satay Bee Hoon — Michelin-approved stall to shutter on 30 Apr 2024
The post Shi Wei Da Satay Bee Hoon — Michelin-approved stall to shutter on 30 Apr 2024 appeared first on SETHLUI.com.
14 hours ago
The Telegraph
The five horrible defensive mistakes that derailed Liverpool’s title bid
When you are fighting to stay in the title race and need a win at the home of your city rivals, you cannot get away with the calamitous defending that gifted Everton the lead against Liverpool.
2 days ago
France 24
🔴 Live: Netanyahu says International Criminal Court decisions ‘will not affect Israel's actions’
A delegation from mediator Egypt arrived in Israel Friday in a bid to reignite stalled negotiations for a ceasefire in the Gaza war including the potential release of hostages, Israeli and Egyptian media reported.The signs of fresh truce talks came alongside Israeli preparations for a military push in Gaza's southern city of Rafah, and with spillover from the war leading to stepped-up exchanges of fire over Israel's northern border with Lebanon.Egypt, Qatar and the United States have been trying
16 hours ago
SETHLUI.COM
10 best makan places in Sutera Mall for a recharge from shopping fatigue
The post 10 best makan places in Sutera Mall for a recharge from shopping fatigue appeared first on SETHLUI.com.
2 days ago

Latest stories