Data Privacy Facts You Should Know About Lensa AI & Similar Glamour Apps

By Unbound Digital Team | February 16, 2023
Data Privacy Facts You Should Know About Lensa AI & Similar Glamour Apps

One of the newest apps to make a splash on Facebook feeds is Lensa AI. This app, like many other glamour apps, attracts people using vanity. Who wouldn’t love to make your profile pic look amazing? 

Lensa’s Magic Avatars make people look like they’re a character in a fantasy or sci-fi game, and for most people, it’s a little harmless fun. The nominal cost of a few dollars hasn’t stopped millions of people from adding the app to their phones and uploading several photos to generate an amazing version of themselves.

If you use Facebook, you’ve likely seen these pop up on people’s timelines and may have been tempted to try it yourself. If you run a business, then there is a good chance that one or more employees may have this or a similar profile pic app on their phone.. a phone that may also be used to access work data and tools.

The problem with Lensa and apps like it is that people often download before they think, and definitely before reading the privacy policy and terms. These apps can pose a serious risk to both personal and company data security.

What You Need to Know About the Lensa Magic Avatar App

The Data Collected by Lensa

When Lensa AI is downloaded to a device, it doesn’t just mind its own business. It can track the user’s activities in other apps, including the websites they visit. It also knows your IP address and phone number. 

Data that is collected and linked to you:

  • User content (e.g., the images you upload to generate your avatars)

Data that is collected, but not linked to you: 

  • Purchases that you make on websites or in apps
  • Usage data for apps 
  • Diagnostics from your device
  • Identifiers (This isn’t specified, but could mean things like city or gender. These demographic identifiers are often used for advertising.)

Your Images Become Property of Lensa

Lensa recommends that users upload between 10-20 “selfies” (photos of themselves) to generate the realistic Magic Avatars. The scary part is that Lensa can do a lot with your pictures, including reproducing, modifying, and distributing them. You basically give the company that owns the app the right to use your image however it likes.

Most people aren’t reading the long, extensive terms and conditions for any apps, including Lensa. One section from the Lensa AI Terms that users agree to states:

“…solely for the purposes of operating or improving Lensa, you grant us a time-limited, revocable, non-exclusive, royalty-free, worldwide, fully-paid, transferable, sub-licensable license to use, reproduce, modify, distribute, create derivative works of your User Content, without any additional compensation to you…”

What happens if an employee’s selfie includes sensitive company information in the background? This is something to think about and address in any employee digital use policies that you have. 

Lensa Is Tracking Activities

When you open other apps, Lensa can track that. If you visit a company cloud platform and log in, Lensa can track that too.

There are a lot of privacy warning signs that are hidden behind those stunning images that lure users in. Some of the things the app can track on a device are:

  • Cookies you’re using
  • IP address
  • Usage data
  • Purchases
  • And more

Tips for Improving Data Privacy

Opt-out of Third-Party Analytics

While this won’t totally fix the many data privacy and image permission risks of using Lensa, it can reduce the data collected from your device.

If you don’t want to uninstall the app, you can visit this page for instructions on opting out of third-party analytics.

Uninstall the App

If you’ve already shared images with Lensa, then those are already its property per the company’s terms and conditions, but you can stop the tracking and potential data leakage by uninstalling the app from your device.

If you’ve already paid and received your Magic Avatar images, then you likely don’t need to have the app on your device any longer. Just remember that removing the app from your phone doesn’t cancel any subscription you have, so you may want to do that first and then delete the app.

Wait Before You Jump on a Social Media App Fad

This tip takes a little self-control, but it can save you a lot of data privacy worries later. Wait before jumping on a fad. You may just find that the hubbub dies down in a couple of weeks and you’re no longer seeing Magic Avatars every time you open Facebook.

Fads come and go, but once your data is out there, you can’t get it back.

Companies Should Enforce Restrictions on Devices Used for Work

Companies need to be aware that apps employees download on phones used for work (either personal or company-owned) can result in a vulnerability enabling a data breach or data leaks. 

Address restrictions on work devices or use mobile device management tools to enforce security policies to prevent non-work apps from accessing company data. 

Schedule a Mobile Privacy Assessment Today

What does your mobile device privacy situation look like? Unbound Digital can work with your Tri-Cities business to assess mobile security and implement solutions to mitigate risk. 

Contact us today to get started! Call 423-467-7777 or reach us online.

Posted in Cyber Security, Security Practices