Snapchat: Your photos might not be so secure.
It's an app that would make Mission: Impossible's Ethan Hunt proud. But Snapchat's "self-destructing" images don't actually disappear – they are stored in a hidden folder on your phone and can be retrieved, according to a digital forensics company.
The premise of Snapchat was simple: send a photo or short video to a friend, and it will self-destruct after 10 seconds. That way, it won't wind up on the internet and ruin anyone's reputation, friendships or career.
Needless to say, that has made it a wildly popular choice for sexting. But Snapchat's appeal goes far beyond that. In an age in which "privacy" and "technology" have become almost antonymous, it has been billed as the anti-Facebook – a communications tool that deletes your data rather than preserving, analysing, and trading on it. In short, it's supposed to make messaging fun again.
But the app's security has never been ironclad. As the media have repeatedly warned parents, and parents in turn warned their kids, message recipients can still save a compromising image by taking a quick screenshot. But Snapchat tries to mitigate the risk somewhat by automatically notifying the sender when that happens. If someone screenshots you, it's a virtual slap in the face. If they don't, you can assume you're in the clear.
Except that apparently you can't. Orem, Utah-based firm Decipher Forensics has figured out a way to recover supposedly deleted images from the recipient's phone. The process isn't simple: 24-year-old Decipher forensics examiner Richard Hickman said it takes him about six hours, on average, to image the phone's data. So far he can only do it with Android devices, though he's working on doing the same for iPhones. But his firm is now offering to perform the recovery procedure for anyone who wants it, from parents to lawyers to the police, for $US300 to $US500.
Snapchat is trying to brush off the finding. "We're not really paying much attention to it," spokeswoman Mary Ritti told US News. "I mean, it's forensic software."
She has a point. Forensic software can also recover lots of other things you thought you had deleted from your phone or computer, provided the data hasn't yet been overwritten by other files. The reason we don't all live in fear of this happening is because it requires someone to take possession of your device, then spend a bunch of time and money combing through the hidden data. If they can do that, odds are you have other security problems on your hands besides the potential recovery of some embarrassing snapshots.
Still, Snapchat's users are unlikely to be mollified if it turns out their nude selfies have been preserved for posterity after all.
If Snapchat's young founders soon find themselves on the wrong end of a successful lawsuit, the lesson won't be that they failed at protecting their users' privacy. It will be that it's dangerous to build a business on the illusion of privacy in the first place.
Will Oremus is the lead blogger for Future Tense, reporting on emerging technologies, tech policy and digital culture.