By Chris Ferrell
On May 8th, the Federal Trade Commission (“FTC”) announced that Snapchat, a mobile application company, had agreed to settle with the FTC over several charges, including deceptive advertising, failure to maintain security features, and collecting data from application users. The FTC alleged that Snapchat deceived users by claiming that their “snaps” (which are pictures users take with their cell phones and send to other users) would “disappear forever” after being viewed. According to Snapchat, users send 400 million photos and videos per day. However, recipients of a snap can save the snap in different ways, including: taking a “screen shot” of the picture, downloading the picture as original content, or, at the extreme, hacking into different Snapchat users’ accounts and stealing their photos. We’ve previously covered the legal ramifications of taking a screenshot of snaps in the context of revenge porn.
The FTC further alleged that Snapchat’s failure to secure its “Find Friends” feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers. Snapchat also allegedly took contacts from Apple iOS users’ address books, as well as geolocation information from people using Android-based phones. Snapchat does not have to pay a fine, but, under the settlement, it is prohibited from misrepresenting the extent to which it maintains the privacy and security of users’ information. Snapchat must also implement a comprehensive privacy program that will be monitored by a third-party privacy group for the next 20 years. Although Snapchat claims to have already addressed the FTC’s concerns by “improving the wording of their privacy policy” and implementing security counter measures, is that enough to allow applications like Snapchat to continue to exist?
The easiest way to prevent pictures from being leaked is to simply not use the app, but where’s the fun in that? Around 26 percent of 18 to 29-year-old smartphone users report using Snapchat, and this number is growing rapidly for users 18 and younger. Snapchat is touted as a $3.6 billion business, with snaps being used as advertisements for the hit HBO show Girls, Taco Bell, and LeBron James for McDonald’s. The popularity of Snapchat is only growing. Snapchat’s alleged security breach is just one of many recent private data breaches, and it does not seem likely that the FTC settlement agreement will shut the application down. But, from a legal standpoint, what does this settlement mean for other applications with models like Snapchat?
Well, moving forward, if these applications wish to remain in the good graces of the FTC and other government watchdogs, they should clearly articulate that the data gathered will not disappear forever. In this day and age, it is nearly impossible for photos, videos, or messages in any form to be deleted entirely. Moreover, these applications should have adequate security measures, at both the software and end-user levels, including two-step verification and encrypted messaging. Finally, these applications might want to think twice when touting their privacy protections.
Washington Journal of Law, Technology & Arts 