Snapchat is photo-sharing app developed by students at Standord University. What makes it different from other photo sharing apps, and the reason that it has achieved mass popularity, is that it lets senders limit how long a photo (or short video) can be viewed by it recipients – from 1 to 10 seconds (usually, although Snapchat is currently rolling out a ‘Stories’ feature which keeps photos for 24 hours), before it is (supposedly) permanently deleted. This allows people to send photos to friends, lovers etc. with the confidence that the potentially compromising or embarrassing photos will never rear their head again to haunt the sender in a future life.
Unfortunately for those who relied on the discretion this service provides, on Monday the company admitted in a blogpost to retaining some photos, and handing them over to law enforcement bodies.
‘Since May 2013, about a dozen of the search warrants we’ve received have resulted in us producing unopened snaps to law enforcement,” said Snapchat director of operations Micah Schaffer.
Schaffer did explain that only unopened photos had been handed over (as opened ones are deleted from the Snapchat servers), and that this had only been done in compliance with a search warrant issued under the terms of the Electronic Communications Privacy Act (ECPA).
‘So what is a circumstance when we might manually retrieve a Snap, assuming it is still unopened? For example, there are times when we, like other electronic communication service providers, are permitted and sometimes compelled by law to access and disclose information. For example, if we receive a search warrant from law enforcement for the contents of Snaps and those Snaps are still on our servers, a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency.’
This revelation is likely to come as shock to the millions of Snapchat customers who used precisely because they believed it afforded them complete privacy. It also demonstrates, yet again, that no US based company can be trusted to keep users’ private data private.