TECHNOLOGY
BRIAN X. CHEN
There’s an app for snooping on your friends, family and colleagues to find out about their dinners, the people they’re dating and the parties they’re attending.
But it’s not Facebook. It’s Venmo, the app that became popular more than a decade ago by enabling people to send mobile payments to one another and to post those transactions.
Even if you seldom use Venmo today, the app may be leaking sensitive information about you to the general public.
I recently discovered that my contacts list, which includes the names of people in my phone book, was published on Venmo for anyone using the app to see.
That’s because more than a decade ago, Venmo made people’s contact lists visible to its users. It created an option to hide the address book only two years ago.
Venmo is a strong example of how even as social norms shift the ways we use technology, the companies and their apps don’t change much. Venmo was founded in 2009 as a music start-up that let users buy songs from bands through a text message. By the time eBay acquired it in 2013, it had become a mobile wallet service that was trendy among younger people who were gung-ho about sharing information about themselves online.
At the time, social media was novel, and posting your thoughts, movements and achievements for everyone to know about was cutting edge, not sinister. Since then, we have learned that sharing such seemingly innocuous information can be hazardous. Stalkers, employers or data brokers can use the data to study our whereabouts and activities.
But Venmo remains an app with a strong social networking element, one of many in a generation of apps that are now nearly 15 years old.
In the early 2010s, Venmo rode the coattails of Facebook and Twitter, which brought the concept of a public timeline into the mainstream. Venmo allowed people to publicly post to a feed details of payment transactions, including the dollar amount, time, date and a description, such as a pizza or taxicab emoji.
Venmo, now owned by PayPal — which spun off from eBay in 2015 — has made some changes over the years to protect its users’ privacy. In 2021, it disabled its global feed, a stream where users could see Venmo transactions among strangers.
But critics say the app still falls short. Today, you can see transactions among people who are not your friends if you visit their profiles.
Venmo is still set by default to publicly share when you receive or make a payment. There’s an option to make the transaction private, but if you don’t notice the setting, you could unknowingly broadcast payments.
“It’s not just that I went out to pizza with this person,” said Gennie Gebhart, a managing director at the Electronic Frontier Foundation, a digitalrights nonprofit. “It’s a pattern of who you live with, interact with and do business with, and how it changes over time.”
Last month, The Guardian discovered through a Venmo feed that an aide for Justice Clarence Thomas was taking payments from lawyers who have had business with the Supreme Court, a potential conflict of interest. The aide has since hidden his Venmo activity from public view.
Venmo said in a statement that it had worked to change its privacy measures for customers and that privacy settings could be controlled within its app. “The privacyand safety of allVenmo users is always a top priority,” the company said.
To prevent your day-to-day life from being broadcast on Venmo, click the Me tab inside the app, tap the settings icon and select Privacy. Under default privacy settings, select Private. Then, under the “More” section in Privacy, click “Past Transactions” and make sure to set that to “Change All to Private.”
Venmo has made the contacts list, which can be generated from your smartphone’s address book or your Facebook friends list, viewable to other users.
That can make a lot of information public. In 2021, my colleague Ryan Mac, who was then at BuzzFeed News, used Venmo to discover President Biden’s account and personal contacts list. Mr. Biden later deleted his Venmo account.
On a personal level, a public address book can reveal a new romantic partner to an ex. For professionals, it could expose a doctor’s patients, a journalist’s sources or a salesperson’s clients.
To hide your contacts list from public view, visit the privacy settings, click on Friends List and select Private. Also, toggle off the option for “appear in other users’ friends lists.”
All tech companies change their data-sharing features and settings over time. So take a moment to scroll through your phone and review the settings inside apps you haven’t used in a while to see if there’s something you missed.
-- New York Times (Star Advertiser, August 20, 2023, page E6)
