Privacy Matters, Snapchat Agrees

Gabriel Garig

In recent years online privacy has been a growing concern for not just users, but employers, schools, and other institutions. On one hand, users can have a much more personal and secretive life to themselves online than in person and argue this is their human right to personal privacy. However on the other hand, many agencies, institutions schools and even users argue that this secrecy is what leads to and fuels illicit activity from child exploitation to terrorism. This was exemplified in December of 2015 when tech giant Apple Inc. refused to release encryption tools to the FBI in order to continue their investigation of the San Bernardino terrorist attacks.

Founding of popular social media platform Snapchat has sparked further interest specifically regarding communications privacy due to the unique way the iOS and Android application handles content storage and logs. In spring of 2016, Snapchat surpassed leading social media platforms as it had become the dominant social media application utilized by teenagers age 13 to 17 and this dominance is only growing. With many schools now instructing on the importance of digital footprints and online privacy, Snapchat seems to understand that 60 percent of its users aged 13 – 24 call for new securities and privacy in their online activities.

After spending some time reading over the official Snapchat Law Enforcement Guide which not only informs law enforcement agencies on proper procedures to summon information from Snap Inc.’s servers but also gives an important insight to the nature of Snapchat’s safeguards for user privacy. The guide is available online but for those who don’t want to read through the ten chapters of legal procedures and clauses, let me lay down some key principles and features for three important areas: protecting user conversations and snaps from unwanted eyes – protecting personal privacy such as personal contact information and network usage – and finally the exceptions to these rules.

One of the most common questions I have seen is “does Snapchat save all my snaps in some super secret open season library for the government to spy on me?” and the answer is no. As far as photos and videos go the actual content is saved either until all recipients have opened the message – replayed it as many times as allowed by the sender – can no longer replay the message and in the case of stories content is stored for 24 hours or until the snap is deleted. Unopened snaps will remain available for viewing to the recipients for 31 days before the content is wiped from Snap Inc.’s servers. This system of deleting snaps is not without a small catch. Each snap sent generates a metadata file with information containing extraneous however useful details such as recipients and time sent. These metadata files are stored in Snap Inc’s server for only 31 days before being wiped from the servers completely. Memories (Snap Inc’s cloud storage service) are the only exception to these rules because photos, videos and stories are kept until deleted by the user.

What may concern more users is the privacy and security of their own personal contact information such as name, birthday, email, phone number and IP information which in Snapchat’s guide is referred to as “Basic Subscriber Information.” This information is only available upon request by subpoena or higher authority orders for information and must follow due process before being released to agencies. Snapchat also honors its promise to notify users in the case that their information has been summoned by any entity unless legally bound by confidentiality agreement to not notify the user or at Snapchat’s discretion assuming that notifying the user would be life threatening or risking serious bodily injury. It should be noted that if the data at request is set for deletion within the time period required for a warrant then Snap Inc. will maintain the data until the warrant can be obtained.

These safeguards for privacy abstain from unnecessary or unlawful passing of information, however, will give way if the right legal processes are taken. The retention of data on Snap Inc.’s servers can be requested by authorities as well, meaning that the typical 31 day periods can be surpassed for up to 90 days. In certain cases data can be requested to remain for one more 90 day period – 180 days total – but Snap Inc. has no legal obligation to retain data beyond this point. This means that in any case agencies can only keep a hold on personal information for up to six months. Snapchat’s cloud storage service “Memories” including a password protected “My Eyes Only” are also available at request and in the case of memories the information is always available unless the user deletes the content from their memories. Now you can rest easily or uneasily knowing how available your information is to alien eyes.