FaceApp was having a viral moment as its AI-backed technology flooded social media with digitally aged celebrities and friends, until its vague privacy terms and Russian origins began to trouble political leaders and app users.
By Wednesday, Senate Minority Leader Chuck Schumer, D-N.Y., had asked the FBI and Federal Trade Commission to investigate the company because of the potential “national security and privacy risks” its app posed for millions of U.S. citizens. That same day, the Democratic National Committeeurged 2020 campaigns to delete the app “immediately.” DNC officials got burned by Russian hackers during the 2016 presidential race and have since invested heavily in cybersecurity to prevent a repeat.
Though some 80 million users have tapped FaceApp — which remained the top free download at Apple’s App Store on Thursday afternoon — little is known about the company behind it. Wireless Lab was founded by its chief executive, Yaroslav Goncharov, in February 2014, according to his LinkedIn profile.
Goncharov, who has a master’s degree in computer science from Saint Petersburg State University in Russia, spent three years at Microsoft, where he worked as a technical lead in Redmond, Wash., starting in 2003. He also co-founded SPB Software, a Russian company that was acquired by Yandex (known as “Russia’s Google”) in 2011. He worked there for two years before creating Wireless Lab.
It was during his time at Microsoft that he came up with the framework for FaceApp, he told the Moscow publication Afisha.ru .
“About a year ago I decided to use this progressive technology for photo processing,” he said in the 2017 interview. “There is an opinion that stories from Snapchat, Instagram and their analogs will soon kill news feeds like Twitter. Facebook is already moving in that direction.”
He said he used to spend his evenings writing code and created a bot he could play poker with. The bot’s neural network underlies the “progressive technology for photo processing” behind FaceApp.
“That’s what they call the simplified analog of the human brain implemented in computer code,” he said. “To create it, they build a huge network of software simulations of neurons and synapses capable of analyzing and storing information. Such technologies underlie machine learning, artificial intelligence, cybernetics, and much more.”
Wireless Lab is based in St. Petersburg, where the app’s research and development team is located, Goncharov told The Washington Post.
FaceApp was incorporated in Delaware in 2014, at the time named “Hotel WiFi Test Inc,” according to company filings. It also has an active limited liability corporation established in 2011. Both are located in Wilmington. The company reported $43,479 in sales for 2017.
The 2016 Delaware tax report for FaceApp Inc. listed a new location for its principal place of business, about 50 miles west of its original St. Petersburg headquarters: Sosnovy Bor in Leningrad Oblast.
Goncharov also ended up operating Hotel Wifi Test as a separate company (Hotelwifitest.com), which allows guests to globally choose lodging based on the quality of Wifi provided, according to news reports.
Users can only dispute small claims against FaceApp, not file class-action lawsuits, according to its terms and conditions. It falls under state or federal jurisdiction for Santa Clara County, Calif., in the heart of Silicon Valley.
Elizabeth Potts Weinstein, a small-business law attorney in Silicon Valley, told The Washington Post one concern she has is what happens to user data if something changes with the company.
“They could go under and all their data and all their assets could get bought by somebody that is nefarious or could get appropriated by somebody in the national government,” she said. “We in the United States don’t have jurisdiction over them.”
If you’re concerned about your data, just deleting it from the app won’t cut it, according to its privacy terms. Goncharov said that users who want to remove their data from FaceApp can make the request through the app by clicking “Settings,” then “Support,” then “Report a bug” with “privacy” in the subject line.