So “the Snappening” happened last month, and 90,000 private photos taken by Snapchat users (mostly of an explicit nature) were leaked over the internet. But according to a new study by Sumpto, the majority of college students still trust Snapchat and will continue to use it. My thoughts are that Snapchat isn’t blameless, and people should be more wary of what they use it for.
So how did it happen?
Someone hacked into a server in Denmark that stored Snapchat photos. If you’re wondering how the photos got on a server in Denmark in the first place when they were supposed to disappear, you’re not alone. In these cases where photos were leaked, the intended recipient (another Snapchat user) was also using a service called SnapSaved that had the ability to save the “snaps” for future viewing, bypassing the original Snapchat auto-destruct feature. SnapSaved wasn’t helping people to save these pictures on their phone necessarily, but rather it was saving them onto this server in Denmark where people would have continued access to those pictures, unfortunately a hacker found a way in also.
Snapchat put out a statement shortly after claiming that its servers are secure and places the blame elsewhere for the “leak.” And I suppose that’s true to a certain degree. If the server where people were storing the pictures was in Denmark, and Snapchat didn’t own it, why then should Snapchat take any responsibility for being insecure? It’s a good argument but I think it redefines terms in a way that is designed to get you to stop thinking about the fact that they cannot address the real problem.
Let me explain:
What is the point of the auto-destruct feature of Snapchat’s messaging about if it’s not a security or privacy feature? There is none. And what would you call the action of giving a third-party a security code that would allow them access to files that were supposed to self-destruct if not a hack? I think “hack” is as good a term as any. So let’s be clear – Snapchat was hacked every time someone used SnapSaved to log into Snapchat and save files, and that was the easy part.
If people were only storing these images on their phone, and people do just by taking screenshots, then victims could claim that their trust was only violated by the person that they intended to view the picture. But since the motherload of pictures were stolen all at once and shared with the entire world, we’re no longer addressing the initial violation of trust.
The problem with Snapchat’s rationale is, most people started using snap chat because of the disappearing nature of the messages. It made them feel more secure and willing to send and disclose more. It’s an interesting statement from Snapchat, where they blame any leaks on their own users, but it’s a bit of victim blaming if you ask me. While Snapchat asserts that their servers (or whatever) have always been totally secure, Snapchat’s service, what people actually care about, has never been and will probably never be. Other people were always the problem with any privacy violation – Snapchat aimed to take care of that with a disappearing message and that just didn’t work.