KUALA LUMPUR: Our social media feeds were recently awash with photos of users looking like senior citizens, courtesy of a filter in a popular app called FaceApp. The age filter produced almost uncanny results, encouraging millions to download the app and submitting their photos in order to see this realistic rendering of their future selves. Even celebrities jumped onto the bandwagon and gleefully shared the aged version of their faces on Facebook and Instagram, motivating their fans to do the same.
The app may seem a harmless source of amusement, but cybersecurity experts warn that it may not be all fun and games. Such apps provide to its developers the private information of users and in the case of Faceapp — facial recognition details.
There is a concern that this information could be manipulated for ill purposes. FaceApp was introduced in early 2017 by Russian company Wireless Lab. However, the app started trending again in 2019 because of its ageing filter, which is powered by artificial intelligence that recognises facial features and realistically ages it. A senior lecturer and researcher at the Advanced Communication Research Unit (ACRU) in Universiti Utara Malaysia, Dr Mohd Khairie Ahmad, said that reports revealed that the app has been downloaded into the devices of 80 million users worldwide.
“The government and cybersecurity experts in the US and Europe are concerned by the potential threat caused by this app. “The worry is that the app would be storing user details in its servers in Russia and this is considered a form of spying. I find this understandable given the strained relations between Russia and those countries, dating back to the Cold War,” he told Bernama. The app’s privacy terms may have also contributed to the unease as it forces users to agree to their photos and details being used for whatever purposes wished by the developers, without being compensated. After the controversial terms made headlines, FaceApp developers made a statement denying that the data collected were stored in their servers in Russia.
Instead, they said, the data were processed and stored using cloud storage services Google Cloud and Amazon Web Services, both based in the US. Mohd Khairie said that cybersecurity experts have argued that that still did not make FaceApp safe to use as its privacy term did not adhere to General Data Protection Regulation (GDPR) standards. What should users do in situations like this? Cognisant of the low level of awareness among Internet users in Malaysia, Mohd Khairie said it was imperative to learn about a digital or online product before using it.
“Most apps are free but understand that they are not 100 percent free — there is still an indirect cost to it. “The currency we use to pay for it is not money but our data and user information. When users do not fully comprehend the terms of use, they put themselves at risk,” he said. The lackadaisical attitude of some Malaysians when it comes to sharing information on apps and social media also exposes them to the risk of having their private information stolen and manipulated for ill purposes. “When we enter the digital world, every communication is recorded. This communication can be tracked using various digital communication forensic systems.
“It is a bit naïve to assume that we could safely navigate any form of digital system. History has shown that communication record and practices are valuable information that could at the same time be manipulated into a threat to a person, organisation or country,” he explained.
Based on statistics by Cyber Security Malaysia (www.mycert. org.my), the cybersecurity threats in Malaysia are at a worrying level. As of July 2019, 1,050 incidents have been reported to the agency compared to the same period in 2018, when 766 cases were reported and 2017 (648 cases).
“There is a 62 percent increase in threats in 2019 from 2017,” Mohd Khairie said. He believed there was a need to improve digital literacy among Malaysians, particularly in this era of digital economy. “We must remember that our data is an important and valuable commodity in today’s economy,” he said. A senior lecturer in information technology management at the Universiti Teknologi Mara (UiTM) campus in Rembau, Negeri Sembilan Dr Masitah Ahmad said the proliferation of online games and the mobile app industry has created a situation akin to a ‘scratch and win’ contest. These games and app often require users to provide their private information before they could use the programme. “Many have fallen victim to this.
Remember how we would be asked to fill out forms asking our private information so that we would be in the running to win certain prizes? The method may be different but the goal is still the same, which is to profit the company. “Internet users should not be too carefree in using apps because before we know it, we could be exposing ourselves to the risk of a crime,” she said. Revealing birth date, address, family name and number of children to an online game form can also put users at risk of falling victim to a cybercrime. It was also as dangerous to publicly share daily routines and current locations, she said. “Media literacy should be included in the school and university syllabus, given the challenges of a borderless world and the information and technology boom. “Some people may have basic media literacy, but if we don’t make it compulsory to learn it, we would still face difficulties in instilling the knowledge on a large scale,” she said. – Bernama