Snapchat: Too Chatty For Its’ Own Good

Not too long ago Snapchat was soaring high, in fact earlier this month they added two new communication features to their already successful platform. In addition to their photo or ‘snap’ sharing, they added video calling and chat features. This was a big deal as in the previous version of the application, you had to send a picture if you wanted to communicate. Now, you are able to use a picture as a start into a conversation and not have to wait to capture an image that encompasses what you want to reply. They have expanded it to a full chatting interface. You can now video call or send: text messages, ‘snaps’, and photos or videos from your camera or gallery. So with this great development, what went wrong?

They lied.

Previously, users were comfortable sending silly or inappropriate ‘snaps’ with the safe knowledge that it was automatically deleted once viewed by the recipient. Moreover, if a copy is kept it would only be if a screen-shot has been captured, and the sender would  more often than not be notified of this. This is all explicitly laid out in their guide for parents where they wrote: “In most cases, once the recipient has viewed a message, it is automatically deleted from Snapchat’s servers and cannot be retrieved,” and later on they wrote, “Snapchat attempts to detect when recipients take a screenshot and sends a notification to the sender, when possible.”

However a study on Decipher Forensics a US digital forensic service firm, showes how this was in fact false. Snapchat was not even designed to erase the files.

The Federal Trade Commission (FTC) released a Press Release about how Sanpchat have accepted the charges against them for a breach of privacy and security. Not only were their issues relating to the storage of the ‘snaps’ but also the amount of personal data that was being collected by the service. Additionally they found issues relating to the lack of security measures being taken to secure that data from abuse and unauthorized disclosure to other third party applications.

The FTC said  “Despite Snapchat’s claims, the complaint describes several simple ways that recipients could save snaps indefinitely,”  and that “failure to secure its Find Friends feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers,”

The company has admitted to the flaws and wrote in a blog post: “When we started building Snapchat, we were focused on developing a unique, fast, and fun way to communicate with photos. We learned a lot during those early days. One of the ways we learned was by making mistakes, acknowledging them, and fixing them…While we were focused on building, some things didn’t get the attention they could have. One of those was being more precise with how we communicated with the Snapchat community…  We had resolved most of those concerns over the past year by improving the wording of our privacy policy, app description, and in-app just-in-time notifications. And we continue to invest heavily in security and countermeasures to prevent abuse.”

CloudWedge