If you’ve been on Facebook recently you’ve probably seen lots of cool-looking photos that have been altered to look like drawings and other such adaptations.
Unfortunately, this is one of those apps that puts your privacy at serious risk.
First, we’ll start with the bad news…
If you click the “Privacy Policy” link at the bottom of the NewProfilePic.com homepage you’ll be taken to this completely different URL, which is never a good sign.
If you take a few moments to read the privacy policy you’ll see that they collect a wide range of information about your Facebook account and your online activities.
They then list several entities they’ll share your info with, and under what conditions. The primary use of your information will be for targeted advertising in the form of online ads that follow you around the web and commercial emails (i.e. SPAM).
On a slightly different note, here is an especially concerning quote taken from their Privacy Policy:
“LOGIN DATA – In order to share your content within apps and services where such an option is provided you will be asked to log in.
If you connect your Facebook, Apple ID, or other third-party accounts to one of our apps, we use information from those accounts (like your username or profile picture).”
They don’t actually expand on all the ways they’ll use your Facebook or Apple login data, but the possibilities are endless.
And that’s just the bad news. It actually gets worse…
While it’s true that many apps have a similar policy in regards to using third-party login info, it’s especially concerning in this case as you’ll see after reading the info below.
The location listed for the publisher on the app’s official Apple and Google Play download pages is the Virgin Islands.
However, if you go to the official ICANN Domain Lookup page and do a Whois lookup for the domain newprofilepic.com (type newprofilepic.com into the search box) you’ll see that it’s actually registered to an entity in Moscow, Russia.
Update: Within an hour after this post went live the people behind this app switched the registered location in their domain’s Whois info to Florida and completely removed some of their contact info.
Anyway, what all of this means is when you use this app you’re effectively giving someone in Russia access to your Facebook information, your email address and any other info that you happen to enter into their signup form.
And that’s in addition to all the info they’ll retrieve from the Internet at large using the info you gave them.
Why is this bad? Well, if you’ve been following the news of late you know that Russian hackers are now attacking western businesses and individuals online in a variety of malicious ways.
Bottom line: If you have never used the NewProFilePic app I strongly recommend that you don’t.
If you have already used it I strongly recommend that you stop.
If you’re wondering how to get your info removed from their servers, they provide an email address at the bottom of the Privacy Policy page you can use to request the deletion.
Whether they will actually honor your request is an open question. I’m a little skeptical.
I’ll finish up by saying this..
Any time you see an app of this nature being used on Facebook, always ask yourself this question: What is the company getting out of it?
There is always a purpose behind these apps. They aren’t developed and distributed just to make the world a better place. It’s usually just the opposite.