Senator says Snapchat 'hiding something' by skipping data breach hearing

Filed Under: Data loss, Featured, Privacy, Social networks

Jay Rockefeller 170Snapchat has drawn fire from US Senator Jay Rockefeller, the powerful chairman of the Senate Committee on Commerce, Technology, and Transportation, for refusing to testify in a hearing on data breaches.

Snapchat, a photo and video-sharing mobile app that boasts more than 30 million monthly active users, suffered a data breach this January in which 4.6 million usernames and phone numbers were dumped online.

Rockefeller said during the hearing Wednesday, 26 March 2014, that by refusing to appear the company indicated that it was "hiding something."

When people refuse to testify in front of this committee, my instincts... are they are hiding something. In this instance, on this subject, I think it warrants closer scrutiny.

Snapchat has proven to be quite controversial for reasons beyond its app's appeal to a certain set for sending sexually explicit messages (aka, "sexting").

When it comes to data security and privacy, the company seems to have a rather dismissive attitude. Prior to January's data breach, security researchers warned Snapchat of a security blunder that allowed unlimited database searches of users' phone numbers.

But rather than fixing the loophole in its security, Snapchat thumbed its nose and dismissed it is merely "theoretical" - an issue which nevertheless soon became a reality.

Rockefeller has proposed new legislation that would empower the Federal Trade Commission to enforce data security standards, which has gained momentum after the epic data breach of US retailer Target.

"While Congress deserves its share of the blame for inaction, I am increasingly frustrated by the industry’s disingenuous attempts at negotiations," Rockefeller said, according to Reuters.

A Snapchat spokesperson said that the company had "cooperate[d] fully" with the committee.

While a representative from Snapchat was not able to testify, we did cooperate fully with the committee and its staff. We provided information in advance of the hearing and we are committed to continuing that dialogue.

Disappearing credibility?

For those unfamiliar with it, the Snapchat app allows users to send photos or short videos to others on the service. When a user receives images or videos from another user, they can view it for up to 10 seconds before it becomes inaccessible on the app.

Disguise. Image courtesy of ShutterstockSnapchat gained popularity by selling itself as a way to send fleeting, spontaneous messages that would be deleted after the recipient viewed them.

There are several ways, however, in which images can be accessed after sending, but that didn't stop the company's marketers from saying on Google's Play Store - falsely - that images "disappear forever."

A new feature rolled out by Snapchat last October, called Snapchat Stories, also allows users to send related messages that last for 24 hours before they become unviewable via the app - not exactly fleeting.

As the company advises in its privacy policy, "Snaps" are not deleted right away from its servers, or even from the phones of recipients. Snaps and other user data may also be turned over to authorities who request them.

When you send or receive Snaps, we also temporarily collect, process and store the contents of the Snaps (such as photos, videos and/or captions) on our servers. The contents of Snaps are also temporarily stored on the devices of recipients.

Once all recipients have viewed a Snap, we automatically delete the Snap from our servers and our Services are programmed to delete the Snap from the recipients’ devices. However, users with access to the Replay feature are able to view a Snap additional times before it is deleted from their device.

We cannot guarantee that deletion always occurs within a particular timeframe. We also cannot prevent others from making copies of your Snaps (e.g., by taking a screenshot).

Youthful indiscretion

In a sign that Snapchat is entering the mainstream, companies such as McDonald's have begun using the service to reach its rapidly growing user base.

However, Snapchat has its strongest following among young people, and it is growing at an extremely fast rate among the younger set.

According to Business Insider, 46% of 12-24 year-olds in the US have used Snapchat - compared to just 13% of the overall population - surpassing the 36% of people in that age group who have ever used Twitter.

Having grown up using social networks, smartphones and the internet, the millennial generation seems to be exhibiting attitudes towards privacy that conflict with previous generations'.

As Naked Security writer Mark Stockley argues in an astute article on evolving attitudes about sharing personal data, young people may end up paying a price for their indiscretions.

Profound change in social norms does not happen overnight and anyone ahead of the curve is putting themselves in the firing line, and in this particular social revolution, a lot of those in the firing line are minors.

Even as young people flock to services like Snapchat, these social networks are frequently making those decisions about privacy for them.

Image of disguise mask courtesy of Shutterstock.

, , ,

You might like

6 Responses to Senator says Snapchat 'hiding something' by skipping data breach hearing

  1. Andy · 556 days ago

    Or maybe it's that people have no faith and trust in Congress and see no value it sitting in the hot seat being grilled by people who think the internet is a series of tubes.

    • John Zorabedian · 551 days ago

      I wonder - would you have the same reaction if Target decided not to show up to a hearing on data breaches? (They were asked to show up for this particular hearing, and did).

      Anyway, isn't the internet actually just a series of tubes? :-)

  2. Joe · 556 days ago

    I have mixed feelings about compelling businesses -- even obnoxious ones -- to testify before Congress for data breaches while Congress itself is doing nothing to protect citizens from the #1 security threat of all -- the US government.

  3. LonerVamp · 555 days ago

    "Get to market as soon as possible. Think about security later when someone proves we need to think about it."

    The question then becomes: Is that a good (or realistic) approach? And if so, when do you "get serious" about security?

  4. It is because we are tired of the government meddling in our affairs to the degree they are. They are getting too big and pushing so many regulations that it is stifling innovation and deincentivising new business.

    Minors are the responsibility of their parents, not the government.

    • DuranPhillip · 555 days ago

      There's a difference between reading and understanding.

      The key here has nothing to do with minors, but everything to do with data breaches and how the industry handles security and responds to issues when they crop up. So let's read the article again.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

John Zorabedian is a blogger, copywriter and editor at Sophos. He has a background in journalism, writing about technology, business, politics and culture. He lives and works in the Boston area.