Snapchat is a multimedia messaging app used globally.It is the most fun way to share the moment with friends and family.
Snaps are photos or videos that, if not saved, typically disappear after being received (or after 24 hours if posted to a user’s Story).
It have been discovered that employees of one of the biggest social media Snapchat Inc. have been abusing internal company data tools to access data of its users and spy on them.
Snap Inc. is an American technology and camera company, based in Santa Monica, California that has four products: Snapchat, Spectacles, Bitmoji, and Zenly.
Two former employees said multiple Snap employees abused their access to Snapchat user data several years ago. Those sources, as well as an additional two former employees, a current employee, and a cache of internal company emails obtained by Motherboard, described internal tools that allowed Snap employees at the time to access user data, including in some cases location information, their own saved Snaps and personal information such as phone numbers and email addresses
Without the users knowledge,there are people with access to highly sensitive customer data who needs it for their everyday activity.Without proper protections and controls in place, the same people may abuse it to spy on user’s profile and private information.One of such tool is snapLion.
SnapLion is a tool which is used to collect information on users in handling law enforcement requests. A former employee said SnapLion is “the key to the kingdom”
Tools like SnapLion are an industry standard in the tech world, as companies need to be able to access user data for various legitimate purposes. Although Snap said it has several tools that the company uses to help with customer reports, comply with laws, and to enforce the network’s terms and policies, employees have used data access processes for illegitimate reasons to spy on users, according to two former employees.
According to Vice
A Snap spokesperson wrote in an emailed statement “Protecting privacy is paramount at Snap. We keep very little user data, and we have robust policies and controls to limit internal access to the data we do have. Unauthorized access of any kind is a clear violation of the company’s standards of business conduct and, if detected, results in immediate termination.”
A former employee thought that years ago, SnapLion did not have a satisfactory level of logging to track what data employees accessed.This means the company at a satisfactory level could not track who uses a system and what data was access and to make sure it is being used appropriately.Afterwards, the company implemented more monitoring.
Currently,it is not unknown whether SnapLion is still used to abuse user’s information.