The Federal Trade Commission (FTC) announced its settlement with Everalbum Inc. (Everalbum) for its Ever app, a photo and video storage app, due to its alleged deception of consumers related to the app’s use of facial recognition technology and its retention practices around deactivated accounts.

Pursuant to the settlement agreement, Everalbum must delete models and algorithms that it developed using users’ uploaded photos and videos and obtain express consent from its users prior to applying facial recognition to a photo. FTC Commissioner Rohit Chopra said that facial recognition technology is “fundamentally flawed and reinforces harmful biases.” As regulation and enforcement around this technology surely increases, the FTC seeks to suspend or inhibit and restrict the use of such software.

The Ever app (which is defunct as of August 2020), permitted users to upload their photos and videos to a cloud-based storage platform. The app then used facial recognition technology to automatically sort users’ photos and videos for the tag a “friend” feature. However, according to the FTC’s allegations, Everalbum’s use of facial recognition was NOT limited to its app’s friend feature; between September 2017 and August 2019, it allegedly combined facial images from its users’ accounts with facial images from publicly available datasets. The combined data was then used to develop Everalbum’s facial recognition technology. This technology (since it is no longer used in the Ever app) is now marketed through Paravision, which is a company that provides services related to building security, payments and travel. A Paravision representative said that the FTC settlement reflects “changes that have already taken place” as it continues to utilize the technology in a more ethical manner. The new Paravision model also does not use any of the Ever app’s user data previously collected from consumers.

This settlement raises more questions (than answers) about how to handle and use the data used to train facial recognition software. This settlement also highlights the potential for an increase in consumer class actions over the use of facial recognition technology, especially as consumers become more aware of the use of this technology, how it works and the perhaps uncontemplated uses by the companies with which many consumers are freely sharing their data.

Photo of Kathryn Rattigan Kathryn Rattigan

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security…

Kathryn Rattigan is a member of the Business Litigation Group and the Data Privacy+ Cybersecurity Team. She concentrates her practice on privacy and security compliance under both state and federal regulations and advising clients on website and mobile app privacy and security compliance. Kathryn helps clients review, revise and implement necessary policies and procedures under the Health Insurance Portability and Accountability Act (HIPAA). She also provides clients with the information needed to effectively and efficiently handle potential and confirmed data breaches while providing insight into federal regulations and requirements for notification and an assessment under state breach notification laws. Prior to joining the firm, Kathryn was an associate at Nixon Peabody. She earned her J.D., cum laude, from Roger Williams University School of Law and her B.A., magna cum laude, from Stonehill College. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.