The MAC Lawsuit: What It Reveals About Privacy Risks in AI Beauty Tools

If you’ve ever used a virtual try-on tool to see how a lipstick shade looks on your face, or let a beauty app scan your skin to recommend products, you’re not alone. These AI-powered features are designed to make shopping convenient and personal. But a recent lawsuit against MAC Cosmetics suggests that the data these tools collect—facial scans, skin tone measurements, and even behavioral patterns—may be used in ways that consumers never agreed to.

The case, filed in early 2026 and reported by Personal Care Insights, alleges that MAC’s use of AI beauty tools went beyond providing a virtual mirror. According to the expert quoted in the article, the company collected detailed biometric data and shared it with third parties without proper consent, potentially violating state privacy laws. (Full details of the lawsuit are still emerging; the report is behind a truncated link, so follow-up coverage from mainstream privacy outlets may offer more specifics.)

What Data Do AI Beauty Tools Actually Collect?

Most consumers assume that a beauty app only sees a flat image for a few seconds. In reality, many AI beauty tools capture far more:

  • Facial geometry – the shape and contours of your face, which can be used to build a 3D model.
  • Skin tone and texture – sometimes in multiple lighting conditions.
  • Behavioral data – how long you looked at a shade, which products you tried, and whether you made a purchase.
  • Device and location metadata – used for ad targeting.

This information is often stored in cloud servers and, depending on the app’s privacy policy, may be sold to data brokers or used to train algorithms for unrelated products.

Why This Lawsuit Matters for Average Users

The MAC lawsuit is not an isolated case. The beauty industry has rushed to adopt AI try-ons and skin analysis tools, but privacy regulations have not kept pace. In the United States, only a handful of states (like Illinois, Texas, and Washington) have strong biometric privacy laws that require explicit consent before collecting facial data. In most other places, companies can bury permissions in terms of service agreements that few people read.

What makes the MAC case noteworthy is the allegation that data sharing happened “without knowledge or meaningful consent.” If proven, it could set a precedent that forces beauty brands to be more transparent about what they collect and how they use it. But until that happens, the burden of protecting your data falls largely on you.

What You Can Do Right Now

You don’t have to stop using virtual try-ons altogether, but you can take a few practical steps to limit your exposure.

1. Audit the apps already on your phone

Go through your installed beauty and cosmetics apps. Look for ones that ask for camera access or “facial data collection.” Check their privacy policies—especially the sections on data sharing and retention. If an app states that it shares data with “third-party partners” without specifying who, consider that a red flag.

2. Turn off unnecessary permissions

On both iOS and Android, you can revoke camera access for apps that don’t need it constantly. You can also disable the “facial recognition” or “skin analysis” features if they are toggled on by default. Even if you want to use the tool once, you can grant permission only while the app is in use, then revoke it afterward.

3. Use a dummy account or a separate device

For beauty brands that require you to create an account to use the try-on feature, avoid linking it to your primary email or social media. Create a throwaway email address and use minimal personal details. If you have an old phone or tablet, consider using that for testing beauty apps—especially those that ask for camera access.

4. Opt out of data sharing where possible

Some apps offer the option to opt out of data sharing for advertising or analytics. Look for these settings under “Privacy” or “Data Preferences.” Note that opting out may not stop collection entirely, but it can reduce how your data is used.

5. Be wary of “free” tools

If a beauty app is free, your data is likely the product. That doesn’t mean you should pay for every feature, but it’s worth asking: what value is the company getting from your participation? If the answer isn’t clear, treat the tool with extra caution.

Which Beauty Apps Are Safer? (A Preliminary Note)

No comprehensive, independently audited list of “safe” beauty apps exists yet. However, apps that publish transparent privacy policies, allow you to delete your data on request, and do not store facial scans on their servers (or store them locally on your device) are generally preferable. Some brands, such as L’Oréal’s ModiFace, have stated that they do not sell user data, but you should verify these claims by reading the latest version of their privacy policy.

Until more legal cases like the MAC lawsuit force change, the safest approach is to assume that any beauty app that uses AI on your face is collecting more than you realize. Treat it accordingly—use sparingly, review permissions often, and never assume a branded app is inherently trustworthy.

Sources

  • “MAC lawsuit highlights privacy risks in AI beauty tools, says expert,” Personal Care Insights, June 23, 2026. (Full article behind truncated RSS link; follow-up coverage pending.)
  • Illinois Biometric Information Privacy Act (BIPA) – legal framework for biometric data consent.
  • General privacy resources: Electronic Frontier Foundation (EFF) and Consumer Reports’ privacy guides.

Note: This article is based on a single report. The specific legal claims in the MAC lawsuit have not been independently verified by mainstream outlets. Always cross-check with multiple sources before drawing conclusions.