By Niraj Chokshi

New York Times News Service

This week, two years after being widely panned for a filter that critics described as little more than “digital blackface,” FaceApp, a photo-altering smartphone app, found itself at the center of a popular social media challenge.

A range of celebrities had been using the app’s age filter to modify photographs of themselves and provide realistic glimpses of what they could look like decades in the future. But then the backlash started.

The app, which was created by Wireless Lab of St. Petersburg, Russia, and was ranking among the top free offerings in both the Apple and Android app stores Wednesday, was uploading much more data than users realized, one Twitter user contended in a widely shared, since deleted post. “Russians now own all your old photos,” The New York Post proclaimed in a headline.

On Wednesday afternoon, the Democratic National Committee even sent out an alert, urging staff members on presidential campaigns to delete the app immediately, citing its ties to Russia, according to CNN.

But at least some of those concerns are overblown, according to several security researchers.

“The info sent by the application was only my device model, my device ID and Android version, which is very limited information and is quite common for an application,” said Baptiste Robert, a French security researcher who specializes in smartphone apps that abuse user data.

Robert did find one other piece of data uploaded to FaceApp servers without user consent, though: the photograph that a user wanted to manipulate.

The company explained how the software works in a lengthy statement published Wednesday by TechCrunch. When a user of the app selects a photograph to alter, that image is uploaded to FaceApp servers for processing, it said.

Most images are deleted from our servers within 48 hours from the upload date,” the statement read.

In a letter Wednesday, Sen. Chuck Schumer, D-N.Y., asked both the FBI and the Federal Trade Commission to investigate the app, citing “serious concerns” about security, data retention and transparency.