Snapchat has released new privacy and security plans, and hopefully – unlike its pictures – they’ll be here to stay. Even though Snpachat has been hitting the headlines this week with its new ‘best friends’ emoji features and low level lighting, here’s why this news is way more important!
Notoriously shaky on privacy and security issues, Snapchat has unveiled three major new pieces of information about how it’s planning on keeping its customers safe; namely, by providing transparency reports, a bug bounty program, and clamping down on third party apps that let users save messages permanently.
The company is only four years old, but has come far in such a short space of time with its ‘self-destructing’ photo messaging service (although it did get in big trouble for the description that messages would be gone forever, which isn’t strictly true!). Overall 800 million snaps are sent each day and the company’s latest funding reckons it’s worth $15bn; and companies are even using Snapchat for campaigns – you can now send money to another Snapchat user too.
But no amount of success can make up for shoddy security practices, and – inevitably – it has come under attack more than once; both from hackers and from those that think it should be doing more to protect its users. This includes the FTC which has placed it on a probationary list, along with several other major tech companies.
The company’s new transparency reports are a good start to making amends though, providing info on any government requests it’s had for user data. The requests seem to be relatively low, with 375 requests between Nov last year and Feb this year, and many of those didn’t give up any data; apparently most of them were around metadata anyway – who the person was contacting, not the content of the message. It promises to release a report every six months.
It’s also started a bounty bug programme, paying people to find bugs in its software and paying them ‘bounties’ based on how apocalyptic the bug is. The idea is sort of like an open, large-scale version of penetration testing (which is advisable for any business).
Finally, it’s kicked third party apps to the curb, which were letting some little tinkers save snaps; which was the complete opposite of the point of the app, and also lead to The Snappening last year, where hackers stole 90,000 images from the apps and posted them online. The company has been working on making it harder for people to access its API, but now has hopefully found a way to completely keep the apps out. It’s even promised to block users who try and use third party apps.
Plus, Snapchat is acknowledging the need for more security, hiring some security big guns, and making it an ongoing priority. The team has said it feels like the mistakes were understandable considering there were so few of them and the massive growth they experienced, but arguably security should be a top priority from the start.
Some security experts say that Snapchat is now sufficiently fulfilling its obligations to its users; but others are saying that it still has a way to go – notably, that end-to-end encryption is missing, which would scramble the image between the ‘snapper’ taking it and the ‘snappee’ receiving it. As with any company, hopefully Snapchat will start to take security and privacy more seriously, and continue to improve its safeguards; otherwise it could be the company, and not its messages, that soon disappears.
For more information on the security solutions available to you at UKFast take a look at our website or give us a call on 0208 045 4945.