Snapchat employees spied on users without their consent: Here's how

Shubham Sharma

Snapchat employees spied on users without their consent: Here

24 May 2019: Snapchat employees spied on users without their consent: Here's how

After Facebook, the concerns of personal data security have shifted towards Snap, the owner of ephemeral photo-sharing service Snapchat.

A scary report from Motherboard has revealed that some employees of the company had abused an internal tool to glean personal Snaps, emails, and even the location of some Snapchat users.

Snap hasn't commented on the matter thus far.

Here's everything you should know.

Issue: SnapLion for mining personal data

Speaking to Snap's former and current employees, Motherboard learned about the existence of a tool called SnapLion.

It is available across several departments and can be used by employees to view confidential user information, like their location, emails, phone numbers, and saved snaps.

The program was designed to share user information in compliance with "court orders or subpoena" and to investigate cases of abuse/harassment.

Abuse: Apparently, the tool was abused

SnapLion's department-wide availability allowed Snap employees to use the tool for internal cases.

One former employee cited in the report claimed the tool was abused a few times in the company several years ago.

There is no way to say how widespread the abuse was, but an email seen by Motherboard showed SnapLion was once employed for looking-up email in a non-enforcement context.

Questions: Many questions remain unanswered

The report shows that SnapLion might have been abused by multiple individuals, but there are no specific details of these cases.

Also, there is no saying when the abused occurred, if it is still happening and whether Snap took any action against the employees who abused their power.

The company, on its part, hasn't given any insight into the matter.

Snap's comment: What Snap said on the matter

Speaking to Motherboard, a spokesperson for the company reaffirmed that privacy is 'paramount' to them and user-data access is protected and limited by robust policies.

"Unauthorized access of any kind is a clear violation of the company's standards of business conduct and, if detected, results in immediate termination," the spokesperson claimed, without providing any details of the employee reports.