The MAC Lawsuit: What It Reveals About Your Privacy When Using AI Beauty Tools

Introduction

A lawsuit filed against MAC Cosmetics over its AI-powered beauty tool has brought renewed attention to how much personal data these apps collect—and how little control users often have over it. According to a report in Personal Care Insights (June 23, 2026), the case centers on claims that the company’s virtual try-on tool gathered facial images and other biometric data without adequate disclosure or consent. This is not an isolated incident. As AI beauty tools become more popular, similar legal challenges are likely to follow.

If you’ve ever used an app to try on lipstick shades, scan your skin type, or generate a “digital twin” for a makeover, your face—and the data it reveals—may already be in someone else’s hands. This article explains what the MAC lawsuit means for everyday users, where the real privacy risks lie, and what steps you can take to protect your information.

What happened

The exact details of the lawsuit remain under seal, but the core allegation is that MAC’s AI beauty tool collected “biometric identifiers” (such as facial geometry maps) and linked them to user accounts without obtaining informed consent. Many users likely assumed the app only processed images temporarily, but the suit argues that the data was stored and potentially shared with third parties.

The Personal Care Insights report cites unnamed experts who say this pattern is common across the industry: beauty apps often treat facial data as a marketing asset rather than sensitive personal information. The MAC case is still in its early stages, so no judgment has been entered. However, it has already prompted consumer advocates to call for clearer regulations on biometric data collection in commercial apps.

Why it matters for you

At first glance, letting an app analyze your face for a shade recommendation might seem harmless. But the risks are real:

  • Data persists long after the try-on. Unlike a mirror, an AI tool can create a permanent 3D map of your face. Once stored, that data can be used for purposes you never agreed to, such as targeted advertising, identity verification, or training other AI systems.
  • Biometric data cannot be changed. If your password is stolen, you can reset it. If a company leaks your facial recognition pattern, you can’t get a new face. That makes this kind of information especially valuable to hackers—and especially dangerous if mishandled.
  • Permissions are often overly broad. Many beauty apps request access to your camera, photo library, and location. They may also ask for permission to save photos, share usage data, and even access your phone’s storage. These permissions are rarely necessary for the core function of matching a lipstick shade.

The MAC lawsuit underscores a point that privacy experts have raised for years: the convenience of “try before you buy” comes at a cost that many users don’t realize they are paying.

What you can do right now

You don’t have to stop using AI beauty tools altogether, but you can take a few practical steps to limit your exposure.

  1. Review app permissions. Every time you install a beauty app, check what it actually needs. Does it really require access to your entire photo library? If the answer is no, deny it. On iOS, go to Settings > Privacy > Camera and review each app. On Android, go to Settings > Apps > App permissions.

  2. Use virtual try-on sparingly. If the app offers a “guest mode” or doesn’t require a login, use that. Avoid creating an account unless you’re sure about the company’s privacy practices.

  3. Check the privacy policy—but be skeptical. Look for specific statements about biometric data, how long it’s stored, and whether it’s shared with third parties. The policy should clearly state that your facial data is not sold or retained after the session ends. If the language is vague (phrases like “improve our services” or “affiliated partners” are red flags), consider not using the tool.

  4. Opt out of data sharing and marketing. Many apps embed toggles for “behavioral advertising” or “product improvement.” Turn them off. On iOS, you can also use “Ask App Not to Track” (the prompt that appears when an app first launches).

  5. Use on-device processing when possible. Some newer beauty apps process images entirely on your phone—the data never leaves the device. Look for apps that advertise this feature. It’s a strong indicator of a privacy-conscious design.

  6. Consider using a temporary photo. If the app asks for a live selfie, take a fresh photo in a neutral setting, then delete it from your camera roll after the session. Better yet, use a photo that doesn’t clearly identify you (e.g., avoid background details that reveal your location).

What to look for in privacy policies

Reading a privacy policy is tedious, but you can scan for a few key terms:

  • “Biometric data” or “facial recognition” – does the app acknowledge collecting it?
  • “Third-party analytics” or “share with partners” – who gets the data?
  • “Data retention period” – how long is it stored?
  • “Deletion rights” – can you request that your facial data be removed?

If any of these are missing or unclear, treat the app as high-risk.

Sources

  • “MAC lawsuit highlights privacy risks in AI beauty tools, says expert,” Personal Care Insights, June 23, 2026. (Available via Google News)
  • General guidance on biometric privacy from the Electronic Frontier Foundation and the Federal Trade Commission (consulted for background context).

This article is based on publicly reported information as of June 2026. Lawsuits are ongoing and allegations have not been proven in court.