Snapchat prides itself on privacy. They’ve built their entire business on the idea that when you send a photo or a video to a fellow Snapchat user, that data disappears after it’s been viewed. This would have been considered madness in the first several eras of the internet – why would someone want to make content if it was just going to disappear?
But here’s the thing: There’s a point at which this data (photos and videos, and more) exist on Snapchat’s servers. According to the report this week, current and former Snapchat employees have proof of a group of users (primarily or entirely comprised of Snapchat employees) gaining access to private Snapchat user data – including photos and/or videos.
Your snaps seem ephemeral, which makes it easy to forget that Snapchat employees can view your data under certain circumstances — and potentially abuse that access.
One tool, called SnapLion, reportedly gives Snapchat employees the “keys to the kingdom.”
Snapchat employees used internal tools to spy on users, according to a report Thursday from Motherboard. The data abuse reportedly happened “a few times” and was carried out by “multiple” people. Two former employees told Motherboard about abuse that allegedly happened several years ago.
Snapchat reportedly has several internal tools that let employees access user data for legitimate reasons, such as fulfilling police requests and enforcing its policies. One tool called SnapLion, which was originally intended to help comply with law enforcement requests, was used by multiple teams at Snapchat and provided “the keys to the kingdom,” according to Motherboard.
Motherboard noted in its report that it was unable to verify exactly how the data abuse occurred.
Snap, the parent company behind the social media app, said that protecting user privacy is “paramount.”
“Any perception that employees might be spying on our community is highly troubling, and wholly inaccurate,” a Snap spokesperson said in an emailed statement Friday. “We keep very little user data, and we have robust policies and controls to limit internal access to the data we do have, including data within tools designed to support law enforcement. Unauthorized access of any kind is a clear violation of the company’s standards of business conduct and, if detected, results in immediate termination.”
More from Twitter below.