By Chris Ferrell

On May 8th, the Federal Trade Commission (“FTC”) announced that Snapchat, a mobile application company, had agreed to settle with the FTC over several charges, including deceptive advertising, failure to maintain security features, and collecting data from application users. The FTC alleged that Snapchat deceived users by claiming that their “snaps” (which are pictures users take with their cell phones and send to other users) would “disappear forever” after being viewed. According to Snapchat, users send 400 million photos and videos per day. However, recipients of a snap can save the snap in different ways, including: taking a “screen shot” of the picture, downloading the picture as original content, or, at the extreme, hacking into different Snapchat users’ accounts and stealing their photos. We’ve previously covered the legal ramifications of taking a screenshot of snaps in the context of revenge porn.

The FTC further alleged that Snapchat’s failure to secure its “Find Friends” feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers. Snapchat also allegedly took contacts from Apple iOS users’ address books, as well as geolocation information from people using Android-based phones. Snapchat does not have to pay a fine, but, under the settlement, it is prohibited from misrepresenting the extent to which it maintains the privacy and security of users’ information. Snapchat must also implement a comprehensive privacy program that will be monitored by a third-party privacy group for the next 20 years. Although Snapchat claims to have already addressed the FTC’s concerns by “improving the wording of their privacy policy” and implementing security counter measures, is that enough to allow applications like Snapchat to continue to exist? Continue reading →