Snapchat has settled with the Federal Trade Commission over charges it deceived users into thinking their data on the media-sharing service disappeared, as well as charges it failed to secure its “Find Friends” feature.
Following a hack exposing 4.6 million users’ phone numbers, the FTC filed charges alleging Snapchat misled users about their data security and the nature of the "disappearing" messages. This settlement stems from those charges. There’s no financial component, so Snapchat doesn’t have to pay up, but if it violates the agreement, the company will have to pay a civil penalty of a maximum $16,000 per violation. This is good news for Snapchat users worried about the company’s spotty security record, since it now has a financial incentive to be good.
The original FTC complaint outlined the many different ways Snapchat users could save or recover snaps, illustrating that the company's claims that these communications were ephemeral were false.
“If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises,” FTC Chairwoman Edith Ramirez said in a statement. “Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action.”
CEO Evan Spiegel was cavalier in his initial round of apologies for his security breaches, so it is a good sign that the company is now admitting it overlooked crucial details. Security experts repeatedly warned Snapchat of its vulnerabilities in the months leading up to the hack, and were unhappy with the way Snapchat treated them and addressed the weaknesses they pointed out. Those may be the members of the “Snapchat community” the blog post mentions.
Image via Fernando Alfonso III