SnapChat’s privacy controls are what made it both enormously popular and troubling to its young users’ parents. When SnapChat launched, it gave users the ability to share photos and videos which promptly vanished into the ether. This appealed to its typically young and privacy conscious users because they finally had a way to share stuff with each other with impunity. This obviously bothered parents and teachers as it potentially gave their children a way to share content they shouldn’t share.
An Federal Trade Commission investigation has led to acknowledgements that content posted on SnapChat isn’t nearly as temporary as everyone may have thought. The New York Times published an article titled “Off the Record in a Chat App? Don’t Be Sure” which began with the following:
What happens on the Internet stays on the Internet.
That truth was laid bare on Thursday, when Snapchat, the popular mobile messaging service, agreed to settle charges by the Federal Trade Commission that messages sent through the company’s app did not disappear as easily as promised.
Snapchat has built its service on a pitch that has always seemed almost too good to be true: that people can send any photo or video to friends and have it vanish without a trace. That promise has appealed to millions of people, particularly younger Internet users seeking refuge from nosy parents, school administrators and potential employers.
Oversight or lie?
The FTC’s release includes the following background to its investigation and its stance:
Snapchat, the developer of a popular mobile messaging app, has agreed to settle Federal Trade Commission charges that it deceived consumers with promises about the disappearing nature of messages sent through the service. The FTC case also alleged that the company deceived consumers over the amount of personal data it collected and the security measures taken to protect that data from misuse and unauthorized disclosure. In fact, the case alleges, Snapchat’s failure to secure its Find Friends feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers.
According to the FTC’s complaint, Snapchat made multiple misrepresentations to consumers about its product that stood in stark contrast to how the app actually worked.
“If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises,” said FTC Chairwoman Edith Ramirez. “Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action.”
Touting the “ephemeral” nature of “snaps,” the term used to describe photo and video messages sent via the app, Snapchat marketed the app’s central feature as the user’s ability to send snaps that would “disappear forever” after the sender-designated time period expired. Despite Snapchat’s claims, the complaint describes several simple ways that recipients could save snaps indefinitely.
Consumers can, for example, use third-party apps to log into the Snapchat service, according to the complaint. Because the service’s deletion feature only functions in the official Snapchat app, recipients can use these widely available third-party apps to view and save snaps indefinitely. Indeed, such third-party apps have been downloaded millions of times. Despite a security researcher warning the company about this possibility, the complaint alleges, Snapchat continued to misrepresent that the sender controls how long a recipient can view a snap.
SnapChat published a brief statement about its agreement with the FTC on its blog which includes the following statement which is fairly worrying:
On the one hand, the FTC essentially found that SnapChat has been misleading its users about its service’s privacy practices and, on the other hand, SnapChat pointed to a communications lapse, almost as an oversight. Considering that SnapChat has always been focused on the fleeting nature of content posted on the service and the privacy benefits for its users, this doesn’t seem very plausible.
We collect information you provide directly to us. For example, we collect information when you create an account, use the Services to send or receive messages, including photos or videos taken via our Services (“Snaps”) and content sent via the chat screen (“Chats”), request customer support or otherwise communicate with us. The types of information we may collect include your username, password, email address, phone number, age and any other information you choose to provide.
When you send or receive messages, we also temporarily collect, process and store the contents of those messages (such as photos, videos, captions and/or Chats) on our servers. The contents of those messages are also temporarily stored on the devices of recipients. Once all recipients have viewed a Snap, we automatically delete the Snap from our servers and our Services are programmed to delete the Snap from the Snapchat app on the recipients’ devices. Similarly, our Services are programmed to automatically delete a Chat after you and the recipient have seen it and swiped out of the chat screen, unless either one of you taps to save it. Please note that users with access to the Replay feature are able to view a Snap additional times before it is deleted from their device and if you add a Snap to your Story it will be viewable for 24 hours. Additionally, we cannot guarantee that deletion of any message always occurs within a particular timeframe. We also cannot prevent others from making copies of your messages (e.g., by taking a screenshot). If we are able to detect that the recipient has captured a screenshot of a Snap that you send, we will attempt to notify you. In addition, as for any other digital information, there may be ways to access messages while still in temporary storage on recipients’ devices or, forensically, even after they are deleted. You should not use Snapchat to send messages if you want to be certain that the recipient cannot keep a copy.
If you read the second paragraph carefully, you’ll notice the following exceptions to what most users assumed was the service’s default behaviour: permanently deleting Snaps after specified time intervals. I have highlighted the exceptions in the quotes below.
- “Similarly, our Services are programmed to automatically delete a Chat after you and the recipient have seen it and swiped out of the chat screen, unless either one of you taps to save it“
- “… users with access to the Replay feature are able to view a Snap additional times before it is deleted from their device”
- “… if you add a Snap to your Story it will be viewable for 24 hours“
- “Additionally, we cannot guarantee that deletion of any message always occurs within a particular timeframe“
- “We also cannot prevent others from making copies of your messages …”
- “In addition, as for any other digital information, there may be ways to access messages while still in temporary storage on recipients’ devices or, forensically, even after they are deleted“
The last sentence emphasises how much its users should rely on the service for meaningful privacy:
You should not use Snapchat to send messages if you want to be certain that the recipient cannot keep a copy.
Where does this leave SnapChat users?
The problem with these revelations is not that Snaps are actually accessible and may endure in some form or another. The problem is that SnapChat pitched a service that doesn’t retain its users’ content. SnapChat rose to prominence at a time when the world was reeling from revelations about unprecedented government surveillance which seemed to reach deep into a variety of online services we assumed were secure. It’s promise was to protect its users’ privacy and their content from unwanted scrutiny. In many respects, SnapChat seemed to be the first of a new wave of services that placed control in users’ hands.
In the process, SnapChat misled its users fairly dramatically and that is the most troubling aspect of this story. SnapChat users relied on an assumption that their content is transient and this has turned out not to be the case at all. Putting this into context, though, this doesn’t mean SnapChat is inherently less private than any other chat service. Short of poor security practices, this isn’t necessarily the case. It means that SnapChat is fairly comparable to other chat services which haven’t made similar claims about the privacy of their users’ communications.
That said, a significant challenge is that a significant proportion of SnapChat’s users are probably under the age of 18. Although US services are more concerned about children under the age of 13 using their services due to certain laws protecting children in the United States, our law doesn’t draw this distinction. In South Africa, a person under the age of 18 is a child and subject to special protections which SnapChat has had almost no regard for. Not only has SnapChat arguably processed children’s personal information in a manner which would not be acceptable in our law, it is misled those children about the extent to which it protects their privacy. At the very least, they and their parents should be very concerned and circumspect about continuing to use the service.
On a related note, it is worth reading Information Week’s article titled “5 Ways SnapChat Violated Your Privacy, Security“.