Big and expressive eyes, small mouth, round red cheeks … These are some of the changes with which, thanks to Voilà AI Artist , millions of people have turned into a cartoon or a Renaissance painting. This application has achieved eleven million downloads worldwide , according to June data from Sensor Tower, and has a revenue of $ 200 million.
In this way, it is already one of the fashionable applications, in the line followed by others, such as FaceApp, the one that allowed you to see how you would be when you grew up. “Both Voilà AI Artist and FaceApp use incipient AI systems and mathematical formulas to transform the faces of users”, explains Sergio de Juan-Creix, collaborating professor at the UOC’s Information and Communication Sciences Studies and expert in the right to publicity.
These types of applications come in a wave of popularity that causes many people around the world to download them to “play” with their own face or that of others, and the popularity of the moment makes them put privacy aside .
This is precisely one of the most critical issues around this application. But can an application be interested in marketing our face? “The company” will “learn” with the use that users make of the app and will feed its algorithms to improve them, that is, with all this information it is possible to obtain generic information on the behavior of users and their facial expressions ,, not only for this commercial purpose -apparently fun- of changing your face, but for other different purposes “, explains Sergio de Juan-Creix.
Another important point that helps its popularity is that it is free . For Mònica Vilasau, professor of the UOC Law and Political Science Studies is the hook used to encourage the download. The rush, popularity and ignorance can lead us to accept little restrictive clauses with our privacy or privacy .
Vilasau and de Juan-Creix state that all applications can be potentially “dangerous” for our privacy and intimacy, but they offer some basic advice that must be taken into account before giving the “yes, I do” : It is important to read the privacy policies and make sure, at least, that these companies do not transfer data to countries with regulations that do not offer guarantees similar to the General Data Protection Regulation (RGPD) .
“If they are located in the European Union, we know, at least, that they apply the RGPD and that they are subject to a closer control of the competent authorities,” says de Juan-Creix. It is important that the privacy policy allows, among others, to exercise our right of access to know what data we are dealing with.
Even get a copy in certain cases Otherwise, it would go against the RGPD, which provides for access rights (being able to know all the data they have about us), portability (being able to receive a copy of all our data in an intelligible and structured format) or deletion.
If the application is aimed at European citizens, (for example, if it is available in a European language or if payment in euros is allowed), the company that manages it should comply with these user rights because it must apply the RGPD, although is located outside the European Union.
It should be taken into account that the United States regulations are more lax regarding the rights of users, so it is important to review this point. Can they market or share our data? We have to be able to identify in the privacy policy to whom or to whom our data can be transferred.
It can be, for example, other companies in the group. “In general, the sale of personal data is not allowed, says Sergio Juan-Creix, but they can” work “to sell advertising to third parties (inside or outside the application, through the use of cookies)”.
There is also the possibility that, in the future, the company or the application will be sold to a third party along with all its intangible assets such as databases (that is, it would be an indirect sale of our data). See which internal applications we give access to the app “We have to be cautious when giving permissions to apps and, above all, that such permissions are consistent with the service that they are going to provide us,” warns de Juan-Creix.
For example, it would be normal for an app that modifies your photos to ask for access to the gallery, but it would not be normal for it to ask for access to the microphone, to the contacts or to the location.
Take into account the rights derived from the duties of integrity and confidentiality “In the event of security violations, (for example data leaks), the person responsible for the treatment (who collects the images or data), must notify the corresponding data protection authority, and according to the circumstances that concur, communicate it to those affected “, concludes Vilasau.
