Is FaceApp Safe or Spying on You? What You Don’t Know About the App

How does FaceApp work under the hood?

First up, let’s unpack “how does FaceApp” magic happens. The app’s machine learning models run in the cloud because processing on the user’s device would fry a battery fast. So, when you hit “Age,” the app:

1. Creates a temporary copy of the shot.
2. Encrypts the file in transit (FaceApp says encryption keys are the keys stored locally).
3. Sends it to rented cloud providers (mostly US and EU data centers).
4. Runs artificial intelligence models to adjust wrinkles, beards, or smiles.
5. Ships a transformed image back to the mobile device and, in theory, deletes the server copy soon after. 

However, the reality of using your personal data is not that funny. Let’s review the privacy risks associated with using FaceApp. 

FaceApp privacy risks. What happens to your personal information?

Here is what happens behind the scenes of using FaceApp and what problems you might face: 

They collect more than your think 

Besides getting another fun photo from a photo editing app, the pipeline for creating photos also means they know your device data: EXIF tags, model numbers, phone’s OS, user’s device ID, your IP address, and even ad ID. 

Your photos come with unpleasant conditions 

By uploading an image, you’re also handing over rights. FaceApp’s terms give it a royalty free, fully paid license to use your image however it wants. That includes the right to create derivative works, publicly perform, or even feed your photo into an artificial intelligence model, in perpetuity. Basically, forever. So even if you delete the app, that license to use reproduces of your content doesn’t go away.

Ads, tracking, and third-party data sharing

Like many apps, FaceApp uses embedded trackers, which are also known as marketing SDKs. These little tools help the app collect your user data, behavior, and then give it to advertisers or cloud providers. Even if the app isn’t acting with bad intentions, it still creates plenty of chances for sending users sensitive data to advertisers or analytics platforms.

Behind the scenes, your image travels from your mobile device to FaceApp’s remote cloud servers, mainly hosted on Google Cloud Platform and Amazon Web Services.

Biometrics and AI threats in future 

You’re not just taking photos, you’re handing over personal biometric data, your face, your expression, your likeness. That kind of information can be used to build face-recognition datasets, train surveillance tools, or be repurposed in nefarious ways without your knowledge. PBS experts have warned about this. And when millions of faces are combined into a massive training set, it’s easy to see why privacy issues become a major cybersecurity issue.

Photo deletion claims that are hard to trust

FaceApp’s company’s privacy policy, updated in November 2024, says that photos uploaded are deleted within 48 hours. But there’s no app’s security audit or outside verification. No logs, no confirmation, just a promise. And when the app still holds a permanent license to your content, that “48 hours” sounds more like a technicality than a true safeguard.

FaceApp and Russian ties

While many worry about Russian ties, the app itself doesn’t send your files straight to Moscow. Still, FaceApp Technology Limited, the company behind the app, is run by developers with known Russian government connections. That alone has sparked serious concerns—so much so that US lawmakers, including Sen. Chuck Schumer, flagged it as a national security risk and called on the FBI to investigate.

So, FaceApp isn’t a malicious app, but the way it handles your data makes it risky. And users are right to be understandably concerned. Having that said, let’s have a look at how you can secure using FaceApp.

FaceApp safe practices. How to protect your data?

Here’s how to enjoy using FaceApp without oversharing your personal data:  

Edit photos before uploading

Don’t upload raw selfies straight from your camera roll. Crop out anything personal like your family members, house numbers, or paperwork in the background. In this way, even if your photos uploaded end up on a cloud server, there’s less personal information to tie back to you.

Use a backup email, not your main one

Sign in using a secondary email or Apple’s “Hide My Email” feature. Consider using a masked email. That keeps your real identity a bit more private and limits how much other third parties can learn about you across many apps.

Clear your cache or remove the app

After you’re done having fun with FaceApp’s face-changing feature, clear the image cache in the settings screen under the app’s security options. Or delete the app entirely. FaceApp doesn’t need to stay on your mobile device after a quick filter test.

Check app permissions regularly

Head into your Google Play Store or App Store settings and see what FaceApp can access. If it has permission to read your location or contact list, turn it off. Most editing software like this app doesn’t need full access to your phone.

Watch for changes in the privacy policy

In November 2024, FaceApp updated its company’s privacy policy, changing how long it keeps your files. These updates often fly under the radar. But it is important, especially when you’re dealing with user content and companies producing apps that rely on cloud providers to store or process your data.

Use a VPN to cover your tracks

A good VPN masks your IP address, encrypts your traffic, and keeps what you do inside the app hidden from snoops. Without it, your data can leak to ad trackers or sketchy networks without you knowing.

But not all VPNs are secure. Free options may look attractive, yet there is a significant compromise. Most of them do not provide actual encryption. Some of them actually track the data about what you do online and sell it to third parties. The rest either bombard your screen with advertisements or engage in background trackers that kind of defeat the point of using a VPN in the first place. Others may contain malicious malware that might infect your user device and cause damage or lead to loss of personal data. Therefore, it’s better to use a reliable VPN provider like VeePN. 

VeePN to keep your FaceApp activity private 

Using VeePN adds a layer of protection between your phone and the app’s servers. Here’s how it helps:

Military-grade encryption

All the data that is transferred using VeePN is secured with AES-256 encryption. Even when a third party intercepts the traffic between your phone and the app, it is scrambled so that no one will understand.

IP address masking

FaceApp sees the VPN’s location, not yours. That matters if the app routes data through countries with weaker data privacy laws or loose rules on user data.

No-logs policy

VeePN doesn’t store what you do online. Unlike free VPNs that survive by collecting data, VeePN has no browsing history, no connection records.

Kill Switch

If your VPN suddenly drops, VeePN’s Kill Switch cuts off all internet traffic. That stops personal information from slipping out during the drop.

Safe on public Wi-Fi

Whether you’re using FaceApp at home or on airport Wi-Fi, VeePN secures your connection. Your photos uploaded won’t get intercepted on sketchy networks.

Covers up to 10 devices

One account protects your phone, tablet, laptop, or whatever you use for editing functionality or daily browsing.

Bypass location blocks

Some FaceApp features don’t work in certain regions. VeePN lets you connect through a different country to access the full app without giving away your real location.

Try using VeePN without risks, as we offer a 30-day money-back guarantee.

Written by Oliver Bennett Oliver Bennett is a dedicated cyber security content writer with a knack for breaking down intricate cyber topics into accessible and actionable insights.

Knowledge is power,
VeePN is freedom

Get VeePN Now