Maybe you’ve seen some of your Facebook friends upgrading their profile pictures to look like fancy illustrations of themselves. They’re likely using a free app called NewProfilePic Picture Editor, the latest social media craze. And while the new images may look glamorous, using the app may be a bad idea — but perhaps not for the reason some say. Let’s look at the facts.
What is NewProfile Pic?
NewProfilePic is an app you can get for iOS or Android. It does pretty much what it says — makes your profile image look like a painting, using artificial intelligence. People on various social platforms are having fun tinkering not only with their own photos, but images of famous people and pets.
Who’s behind NewProfilePic?
“A British Virgin Islands company, Linerock Investments Ltd. holds all the intellectual property (for the app),” Newsweek reports, “but several other companies work together to create the app, including Informe Laboratories and Photo Lab.”
Linerock didn’t immediately respond to a request for comment, though it has posted a response to the Newsweek article (see below).
So what’s the controversy?
On Wednesday, the UK tabloid The Daily Mail published a story with the unnerving headline, “Is Russia after YOUR personal data? Experts warn internet users not to download latest online craze New Profile Pic that hoovers up your details.” (“Hoovers” as in “vacuums,” for those not up on British slang.)
The Daily Mail quotes a security expert who says “this app is likely a way of capturing people’s faces in high resolution and I would question any app wanting this amount of data, especially one which is largely unheard of.”
Shades of FaceApp in 2019
I spoke to cybersecurity journalist and author Bob Sullivan about the app.
“This feels exactly like the FaceApp situation, with one important difference: the world is at war with Russia now,” he told me.
Back in 2019, a similar app, FaceApp, was all the rage — you could use it to age a photo of yourself or alter it in other creative ways. It was also based in Russia, and the FBI ended up investigating the app.
Russia, you say?
Sullivan mentions Russia for a reason. A spokesperson for Linerock Investments told urban-legends debunking site Snopes.com that the NewProfilePic domain was originally registered in Moscow because the company’s founder had lived there, but that it’s since been changed to the Virgin Islands.
There’s no need to slam any app having to do with Russia out of sheer prejudice, he said.
“Many Russians are great developers,” Sullivan told me. “Many Russians who learned to program there and now live abroad run very successful companies. The world needs Russian programmers.”
War changes everything
But Sullivan understands that Russia’s invasion of Ukraine, and Russia’s president, Vladimir Putin, leave many suspicious of Russian-based apps.
“People have to understand that even if a person or company has every good intention of not sharing data with a government, they can be compelled to do so anyway,” Sullivan said. “I have no idea if [the company founder] is a Putin sympathizer or a Putin hater, but make no mistake: this person cannot guarantee that she, he or they is completely free of any influence from the Russian government.”
Sullivan again pointed out that it’s unfair to dismiss any technology simply because it’s built by Russians.
“Frankly, I would give this advice if we found out the developer was based in New Jersey,” he said. “After all, that person could [illegally] sell the data acquired to Russia.”
Is the app dangerous?
“I really think people are crazy to use this app or anything like it,” Sullivan said. It’s less about the Russia question, and more about the fact that users are giving the app personal photos for free.
Artificial intelligence researchers, he says, are “desperate” to acquire large datasets they can feed into a computer to perfect their algorithm.
Even if you completely trust the app maker, Sullivan says, “you have no way of knowing where these images of you might end up in the future. For that reason alone, don’t do it.”
But what if you’ve already used the app? And are you safe if you don’t use photos of your own face, but, say, of your cat or horse?
“The app probably has an ongoing way of feeding information about you back to its owner, so I would delete it immediately,” Sullivan said. “Same for the cat theory. I don’t know what they are doing with non-picture data. But every piece of info you share ends up in the horrible ad-tech ecosystem, with inferences drawn that would shock you.”
The Snopes article notes that the app’s requested permissions are similar to those of other mainstream apps.
“I do agree this app doesn’t ask for more than many apps …. which doesn’t make it right, but that’s not suspicious on its own,” Sullivan said.
The company responds
Linerock Investments has posted a response to The Daily Mail article.
“All we can do is explain patiently that all our apps (including NewProfilePic) are NOT a threat,” the response reads. “We are a BVI company with development offices in Russia, Ukraine, and Belarus (check out our founder’s IG post for more info). Nevertheless, your photos (or any other data) are NOT sent to Moscow. All our apps are server-based and user images are uploaded to Amazon AWS / Microsoft Azure servers located in the US. This is necessary in order to apply all those fancy effects driven by AI technologies.”
The company also linked to the Snopes investigative article, writing, “Spoiler: Our app is safe!”
Support your local artists
Even if you totally disregard the company founder’s original Moscow location, it’s rarely a great idea to hand over personal photographs to an app you know nothing about, even for an elegant profile pic.
“When you share intimate data like your face with an app like this, you have no way of knowing where that data will end up,” Sullivan warned. “So just don’t do it. If you really want a cool portrait of yourself, hire a local artist!”