If Snapchat's promise of self-destructing videos and images sounded too good to be true, that's because it was. The company agreed to settle charges with the Federal Trade Commission on Thursday following allegations that it made several misrepresentations to consumers about the app's security and privacy.
"If a company markets privacy and security as key selling points in pitching its services to consumers, it is critical that it keep those promises," said FTC chairwoman Edith Rameriz in a statement. "Any company that makes misrepresentations to consumers about its privacy and security practices risks FTC action."
Snapchat's central feature promised users that they could send images and videos that disappear forever after the sender-designated time period expired. According to the complaint, these claims were false. The complaint also alleged that the app tracked and transmitted some users' location information and collected data from their address books without their consent.
[Snapchat dives deeper into mobile messaging. Read Snapchat Debuts Mobile Messaging, Video Chat.]
Snapchat addressed its settlement with the FTC in a blog post, acknowledging its missteps. "While we were focused on building, some things didn't get the attention they could have," it said. "One of those was being more precise with how we communicated with the Snapchat community."
The FTC did not impose a monetary penalty, but the company will be subject to independent privacy monitoring for the next 20 years. If it violates the terms of the settlement, the company could face penalties of up to $16,000 per violation.
Here's a look at how Snapchat violated your privacy and security, according to the allegations, plus instructions for deleting your account.
1. Recipients may have saved your images
Despite the app's promises, your images did not necessarily disappear forever. According to the complaint, a number of developers built applications that users could download to save picture and video messages without your knowledge. Ten of these applications in the Google Play store alone have been downloaded as many as 1.7 million times.
Recipients of your Snapchat messages could also use their devices' screenshot capabilities to capture an image of a snap while it appeared on their screens, the FTC said. Snapchat claimed that if this happened, it would notify you immediately -- but that wasn't true. Any recipient with an Apple device with an operating system predating iOS 7 could save a screenshot without alerting you.
2. Recipients may have saved your videos
Until October 2013, recipients could connect their mobile devices to a computer and use file browsing tools to locate and save video files you sent them, the FTC said. This was possible because Snapchat stored video files in a location outside of the app's "sandbox," or the app's private storage area on the device, that other apps couldn't access.
3. Snapchat may have transmitted your location
4. Snapchat may have collected contact information from your address book
5. The "Find Friends" feature was not secure
Because Snapchat did not verify users' phone numbers during registration, some consumers complained that they sent images or videos to someone under the false impression that they were communicating with a friend. In reality, these messages were sent to strangers who had registered with phone numbers that did not belong to them.
This resulted in a security breach permitting attackers to compile a database of 4.6 million Snapchat usernames and phone numbers, which could lead to spam, phishing, and other unsolicited communications, the FTC said.
How to delete your Snapchat account
If you no longer use the service or wish to delete your account, you can do so in a few quick steps. Note that deleting the application from your device does not delete your account.
To delete your Snapchat account, visit snapchat.com/a/delete_account and enter in your username and password. It will ask you to enter in your account information again on the Delete Account screen. Then click the green button to confirm. This action cannot be undone.
Can the trendy tech strategy of DevOps really bring peace between developers and IT operations -- and deliver faster, more reliable app creation and delivery? Also in the DevOps Challenge issue of InformationWeek: Execs charting digital business strategies can't afford to take Internet connectivity for granted.