In recent years, we are seeing more and more scandals regarding data privacy of websites and smartphone applications that we use daily. Facebook, Instagram, Whatsapp, all three apps owned by Facebook have faced security scandals.
Now, Snapchat is joining the bandwagon as multiple sources have confirmed the existence of the tools and abusers within the company. A total of five witnesses have confirmed to the truth of this issue along with the cached file found by Motherboard. This tool allowed people to gain access to users’ data such as saved snaps, geolocation tagging and even as far as phone numbers and email addresses.
Snap has repeatedly emphasize the importance of data abuse and user privacy, taking cases related to such things seriously. These people who have access to internal processes and data use a tool that was originally meant to combat cyber-bullying and to help law enforcement workers to spy on users.
Those people who have access to SnapLion, a tool which existence has only been revealed, are considered to own “the keys to the kingdom”.
As opposed to what people think to be a clean app, the company has actually been accused of collecting, storing, and transmitting geolocation data in 2014 by FCC. However, the existence of the tool itself is common and in fact, a standard protocol.
“Multiple individuals” were involved in abusing their access to users’ personal information. However, it wasn’t clear what kind of abuse takes place and how far did the perpetrators proceeded with their actions.
Snapchat spokesperson mentioned in an email statement, “Unauthorized access of any kind is a clear violation of the company’s standards of business conduct and, if detected, results in immediate termination.” Snap does monitor their employees access to user data, however, the system does not have the perfect logging system.
Addressing the common security issue these days, Leonie Tanczer, a lecturer in International Security and Emerging Technologies at University College London says, “For the normal user, they need to understand that anything they’re doing that is not encrypted is, at some point, available to humans.”