Scandal | Snapchat employees accused of misusing personal data

Snapchat employees accused of misusing personal data

It’s been a rough 18 months for Snap Inc, parent company of social media platform Snapchat; in October 2018 the brand’s stock fell dramatically by 10% to a new low of $6.84 – a massive 60% below its IPO price. What followed was a revolving door of senior management, with the likes of CFO Tim Stone and HRD Jason Halbert.

Now, mere days after CEO Evan Spiegel announced that his overhaul of the brand’s leadership team was complete, Snapchat has fallen headfirst into a new controversy.

A report published on Vice subsidiary Motherboard has revealed that employees across several departments can view user location information, saved Snaps, phone numbers, e-mail addresses and other sensitive data through an internal tool known as ‘Snaplion’.

Whilst it is unknown if use of the tool was promoted by management, or the extent to which the tool was abused by staff, one anonymous Snapchat employee was quoted telling a Motherboard journalist that to their knowledge, data access abuse happened at least ‘a few times’.

In total, Motherboard spoke to four former employees and a current employee – all of whom confirmed the existence of the ‘Snaplion’ tool. Two former employees were quoted stating that data infringements took place over a number of years, whilst e-mails obtained by Motherboard revealed evidence of an employee using the tool to look up a customer e-mail address outside of work context.

For HR practitioners it might spark fears about their own data processing processes. Since GDPR, 1,000 organisations have paid fines for failing to fully comply with the regulation. Here are five ways that HR can help prevent a data breach or reduce its impact according to shrm.org:

1. Paying close attention to who is being hired 

This may sound incredibly simple, but it is important that HR knows exactly who is being hired. The company will need employees that they can trust and rely on, particularly if their job exposes them to information of a sensitive nature.

2. Accounting for equipment

During the recruitment process, HR should ensure that a checklist is complete so that the company has a record of all the equipment the new recruit requires. When it comes to the time that the employee decides to depart, HR can refer to the checklist to ensure that no sensitive information is removed from the business.

From our content partner

3. Train employees to spot issues

Employees may not be aware of how to identify and isolate security-related issues. This could be anything from a scam email that gives the impression it is from a colleague when it’s actually not. The site suggests that HR should ensure that employees are trained on how to recognise scams and how to identify genuine emails that are sent from real colleagues to avoid any issues.

4. Making sure that workers speak up

It is crucial that when a breach or attempted breach occurs, employees who handle personally identifiable information (PII) feel confident approaching the appropriate members of staff. This will help control the situation and result in a swifter resolution.

5. Creating a culture of compliance

For this to happen effectively, HR should be liaising with all departments in the business, whether it be finance, IT or security. And to ensure that this is filtered all the way through the business, compliance cooperation must start at C-Suite-level.



Have you enjoyed this piece?

Subscribe now to myGrapevine+ and get access to exclusive new content, and the full content archive.

Be the first to comment.

You are currently previewing this article.

This is the last preview available to you for 30 days.

To access more news, features, columns and opinions every day, create a free myGrapevine account.