FTC Calls Out Snapchat for Weak Security and Misleading Practices
Remember that embarrassing snap you sent to all of your Snapchat friends last weekend knowing it couldn’t come back to shame you? What about the time you put in your phone number so Snapchat could help you find people you know? Or how about the time your privacy was secure because that was the Snapchat promise? According to the Federal Trade Commission, all that reality of Snapchat was not always the case.
Most users of Snapchat should know by now that other users can take a screenshot on their phone in order to store a snap they receive. But Snapchat had a system to alert users if this occurred. So, everything was okay, right? Not according to the FTC — and that was only a small part of what was wrong. The complaint against Snapchat claims that users were misled about how snaps, their privacy, and their data was handled, if not simply left uninformed about what Snapchat was doing with information.
In terms of pictures, one of the problems was that from October 2012 to October 2013 the Frequently Asked Questions section of Snapchat’s website claimed “snaps disappear after the timer runs out” and there is thus no way to view them after that point. This was notably untrue, as have been numerous methods to save snaps, either by capturing them or accessing them through other applications, and even the screenshot notifications can be worked around. It was also possible to view and save video snaps because they were stored outside of the app’s storage space and weren’t encrypted. These problems made up Count 1 and Count 2 in the case against Snapchat, but the FTC ended with six counts against the tech company.
The FTC further claimed that Snapchat had been getting hold of more information than it told users it would. For one, Snapchat had been collecting the contents of users’ mobile address books while only making it seem like users only needed to enter their own phone number to find their friends. This was the case up until September 2012, when iOS began notifying users if apps accessed the address book.