“Before u send any photo, msg or video, consider how u would feel if it reached a broader audience than you intend”, the FTC tweeted today after announcing a settlement with Snapchat, a popular messaging app that promised its users that their messages disappeared once expired. Users are able to take photos, record videos, add text and drawings, known as snaps, and send them to a controlled list of recipients. Users also set a time limit for how long recipients can view their snaps (up to 10 seconds), and Snapchat claimed that after the time limit expired, the snaps would “disappear”. However, the Commission alleged the snaps can be saved in several ways, such as using a third-party app or taking screenshots of snaps, without detection.
The FTC also alleged that Snapchat misled consumers about how much personal information was collected and the security measures in place to protect such information through its Find Friends feature. For example, the app transmitted users’ location information and collected data like address book contacts, despite stating that it did not collect such information. Further, the Commission charged that Snapchat’s failure to secure this feature resulted in a security breach that allowed hackers to compile a database of 4.6 million Snapchat usernames and phone numbers.
The settlement prohibits Snapchat from misrepresenting the extent to which it maintains the privacy, security, or confidentiality of users’ information. Snapchat is also required to implement and maintain a comprehensive privacy program for the next 20 years. The Commission stated that the settlement with Snapchat is part of the FTC’s ongoing effort to ensure that companies market their apps truthfully and keep their privacy promises to consumers.