FaceApp has come under scrutiny over its dubious privacy features and Russia link. But is the app any less secure than Facebook and Google?


Sure, I like privacy in the abstract. But I’m applying for an apartment in New York City, and I just sent out my only slightly redacted W-2, credit history and screenshots of my bank account to several people just because they said they’re real estate brokers.


So I cannot judge the thousands of Americans who sent in a picture of themselves to a Russian-made smartphone application that they hadn’t heard of the day before. FaceApp is a viral app that allows people to create startlingly realistic images of themselves as seniors or as children. And this week, it incited a panic as reports emerged that people using the app were sending their images to a little-known Russian company for doctoring.


The scandal is not surprising. Whether it’s a hip thing like FaceApp (literally all it does is age you)—or the age-old torture of applying for an urban apartment—it doesn’t take much to get any of us to hand over our data.


I have no idea whether people should be wary of FaceApp in particular. Security researchers have found no evidence that it sucks up all your photos or does anything similarly nefarious. The company said it deletes most images within 48 hours and that it will remove user data upon request.


The fact that it’s Russian isn’t enough to discredit it. But Democratic Senate Minority Leader Chuck Schumer has called for an FBI investigation. And if we were living in a movie, the all-powerful facial recognition machine that brings humanity to its knees would certainly be built on the back of viral human vanity.


ALSO READ: FaceApp is fun but dubious terms of service raises serious privacy questions


It’s interesting to look at the FaceApp panic in the context of the broader privacy conversation around Silicon Valley’s tech giants. At Facebook Inc., the company has argued that its size is part of the reason it’s able to safeguard user data better than smaller, less controllable competitors. And compared to any random app, I’m sure Facebook is fairly responsible. (Listen to this podcast for a compelling argument that the whole Cambridge Analytica scandal might have been kind of overblown.)


Facebook’s opponents argue that by breaking it up, its various pieces and their competitors would be forced to compete by offering superior privacy protections. But with so many people so willing to trade their data for convenience (or a discount, or an apartment, or a face filter), the invisible hand of the market probably won’t protect us from tech overreach.


The most obvious answer is privacy regulation. This is why we elect leaders to create a regulatory state to watch out for us. I’m not particularly interested in investigating the factory farm that pumps out the eggs that I buy. That’s why I rely on the Food and Drug Administration to keep an eye on things.


But in the absence of strong government oversight in the internet world, we’ve had to rely on app stores and other log-in tools to protect us. That has some mixed results. And it means the gatekeepers—Apple Inc., Google and Facebook, in particular—know a ton about us.


I’m sure some privacy-minded people will object to this sort of defeatism. Yes, people can take some responsibility for their privacy. As in, maybe do some background googling before downloading an app from a company that you’ve never heard of? But more likely, people will just embrace the post-privacy dystopia. If regulators won’t police the most obvious targets, Apple, Google and Facebook (which has even called for regulations!), I guess the Russians can enjoy looking at our smiling, naïve faces.