Exactly one year after having user data stolen by hackers, Snapchat won final approval Wednesday on its settlement with the Federal Trade Commission for failing to secure its users’ information as well as deceiving users over the disappearing nature of photos sent through the service.
The settlement, cleared after a public comment period, requires the Los Angeles startup to implement a privacy program to be monitored by an independent privacy professional for the next 20 years. It also prohibits Snapchat “from misrepresenting the extent to which it maintains the privacy, security or confidentiality of users’ information,” the FTC said.
The charges stem from an FTC complaint announced in May that Snapchat was misleading users by claiming that photos and videos sent through its service disappeared after they were viewed by their recipients. In reality, there are many ways to store content sent through Snapchat.
Another part of the FTC’s complaint said that Snapchat was not being honest with users on how much personal data it collected and the security measures that it took to protect that information. The vulnerabilities of Snapchat’s measures were put on display last New Year’s Eve when the company fell victim to a cyberattack that resulted in millions of usernames and phone numbers being divulged.
“We are devoted to promoting user privacy and giving Snapchatters control over how and with whom they communicate,” Snapchat said when the FTC settlement was first announced in May. “That’s something we’ve always taken seriously, and always will.”
But other than the FTC complaint, Snapchat had itself a fine 2014. The company is said to have hit more than 100 million monthly users, it began running advertisements, it introduced messaging and video chatting features and it acquired a handful of other startups for several million dollars. Not too bad for a three-year-old startup.