The GDPR deadline is looming, and many tech companies are scrambling to get their data collection and processing practices in order. Snapchat is no exception.
The app has over 180 million daily active users, most of which are under 30 years old; a significant number is underage, which is a particularly protected group under the GDPR.
Snapchat’s often-criticised feature, the Snap Map, will come with a larger set of privacy controls. The Snap Map allows other users to view the real-time precise location of Snapchat users, as long as their app is open. Schools and police have issued warnings regarding this feature, as is presents a huge safety risk for unaware teenagers.
The feature was rolled out in an update and required users to opt-in, however the app was rather insistent in soliciting them, so many were opted in unknowingly anyway. When opted in, Snapchat stores location history of its users, but it will stop doing so for underage users from the European Union.
Users will also find it easier to disable geolocation options and opt-out from the feature altogether.
Presumably, Snapchat won’t take advantage of lower age limits set by some of the other EU countries (which some have set to as low as 13). The GDPR requires parental consent for processing of data related to children, defined as individuals under 16 under the GDPR, and further states that companies should take reasonable steps to ensure that parental consent is valid.
The company wants to cease processing any personal data of users aged 16 and below so as not to require parental consent. Children aged 13 or up will still be able to register and use the service. Owing to its nature as a more discreet app with shorter retention periods and generally less personal data collection taking place, it will certainly find it easier to comply than giants like Facebook or Google.
Of course, Snapchat is not the first to enact changes in advance of the looming General Data Protection Regulation, set to enter into force on 25 May. In contrast to Snapchat’s decision, last week WhatsApp opted to raise its minimum user age to 16 in a bid to ensure compliance with the GDPR. However, it won’t require any parental consent so the measure is trivially easy to circumvent.
In its press release, Snap concluded that “to the extent Snap relies on consent to process personal data of users between 13 and 16, we will make the reasonable efforts required to confirm that consent has been given by someone who holds parental responsibility while respecting the need to minimize further data collection“.