Snapchat, the messaging service that claims all posts will magically disappear after a short time, has settled with the FTC for misleading customers.
Apparently the messages don’t actually disappear as Snapchat originally claimed. They can be saved using tricks and third-party tools (which is not terribly surprising). However, it turns out that videos and messages were being saved in a repository outside of the app's auto-clearing sandbox, making them accessible when connected to a computer and searching the file directory.
Snapchat was also accused of harvesting location details and other user info (like contacts) which allowed researchers to build a database of over four million user names and their matching phone numbers.
"If a company markets privacy and security as key selling points in pitching its service to consumers, it is critical that it keep those promises," said FTC Chairwoman Edith Ramirez. "Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action." As part of the settlement, Snapchat also faces monitoring from an "independent privacy professional" for the next 20 years.
Imagine that! A company that gathers and stores user info so that they can build demographic profiles and thus make their services more attractive to potential advertisers. How could something like that happen in this oh-so-secure world?
Now I agree that if you promote your service as being secure when it isn’t all that secure after all then you should pay the consequences. But I’m pretty sure that Snapcat never told customers that they wouldn’t try to make a profit somewhere down the line by gathering information.
That sounds pretty clear to me.