TWO OF THE INDUSTRY'S most outspoken voices have clubbed together to formally warn mobile payment service Venmo that it's time to clean up its act.
The Electronic Frontier Foundation (EFF) and The Mozilla Foundation have penned a joint open letter to Venmo, pointing out that its privacy settings are not what it considers acceptable.
The two foundations have been pushing Venmo for change since it launched in 2018. The app, a subsidiary of PayPal, makes transactions public by default, meaning it is very easy to build up a profile of who your friends are, where you go with them and how much you're spending.
Venmo has an option to switch this off, but it doesn't stretch to your friend list, which means anyone with a mind to can see who you know and who you've paid.
The letter points to evidence of how the app can be used in the interest of "uncovering how countless Venmo users' drug habits, junk food vices, personal finances, and fights with significant others are available for all to see."
It goes on to point out that a petition of 25,000 signatures organised by Mozilla has been ignored, despite a security researcher writing a script that is able to scrape up to 115,000 transaction details a day.
Earlier research showed that inferring the transactions and contextualising them around attached messages, the language, tone and use of emojis allowed hackers to build up a pretty comprehensive picture of how people are related.
The letter continues: "The list of people with whom you exchange money paints a startlingly clear picture of the people who live, date, and do business with you. Just as Venmo has given users newsfeed privacy settings, it must give them, at a minimum, equivalent friend list privacy settings.
"In an era of massive financial data breaches, consumers are increasingly concerned and Venmo has the opportunity to lead the way by making privacy its default. "
Venmo is yet to comment. μ
Watch your back, Huawei
Porn-based prattery gets fisted
As long as it follows the rules
The Home in the home could be a legal minefield