Venmo, the mobile payments app owned by PayPal, is changing its privacy settings after a BuzzFeed News story uncovered President Joe Biden’s account earlier this month.
The move allows people to make their friend lists private or restrict who can see them, adding a privacy feature to an app that digital rights groups and critics have called a security nightmare. Two weeks ago, BuzzFeed News used public friend lists, which previously cannot be made private, to find the president, the first lady, and members of their immediate family, showing how the app can put people at risk.
A spokesperson for Venmo confirmed that the “hide friends” feature has been added and told BuzzFeed News, “We are enhancing our in-app controls providing customers an option to select a public, friends-only, or private setting for their friends list.”
On Friday, Jane Manchun Wong, a software engineer who regularly exposes features being tested by companies like Facebook and Twitter before they are released, found that Venmo was building a way to allow people to make friend lists private and tweeted a screenshot. When she experimented with the feature, she told BuzzFeed News, she could toggle options to make her friend list visible to the public, to her friends on the app, or only to her. There was also an option that apparently allowed her to hide her account from other people’s friend lists.
After several tests, BuzzFeed News reporters could still see some friends lists that had been set up private, suggesting the change may take some time to become fully functional.
“I’m glad Venmo is working quickly to fix this privacy flaw,” Wong said. “Having my Venmo friend list being visible to everyone, I found it odd that they didn’t provide an option for people to make it private.”
For years, digital rights groups like the Electronic Frontier Foundation, security researchers, and journalists have warned that Venmo’s public friend lists were a privacy threat. Founded in 2009 on the idea that payments could be another form of social content, Venmo allowed people to pay each other and post about those payments to its public feed and other social media platforms.
While many people have criticized the company for making transactions on the app public by default, Venmo’s public friend lists are a separate privacy issue. Even if a person were to set their Venmo account to make payments private, their friend list had remained exposed, providing a window into their personal life that could be exploited by trolls, stalkers, police officers, and scammers.
Venmo was the only major social network that had a contact-based friend list that could not be made private. Because people use Venmo to get paid, they often use a variation of their real name and real photos of themselves. The app encourages people to import their phone’s contact list or Facebook friend list, creating networks where people can friend hundreds of other people on Venmo to allow them to pay others more easily.
To remove someone as a friend, a user has to unfriend the person manually.
“It’s past time for Venmo to take this step, and it’s definitely a step in the right direction,” Gennie Gebhart, the acting activism director at the Electronic Frontier Foundation, told BuzzFeed News. “What we’d really like to see Venmo do next is make privacy the default for friend lists and transactions, not just a settings option.”
Another privacy issue with Venmo is how it handles people’s photos. BuzzFeed News reported that Venmo stores all old profile photos on its servers, with no way for people to remove them. These old photos are also easily discoverable by lightly editing the image URL on the web version.
In 2018, PayPal settled charges from the FTC over its privacy settings and made it easier for people to find the privacy settings for transactions. However, even after the FTC suit, the default for new users was to have all transactions public.
It’s unclear whether friend lists will still be public by default for new users.
“We applaud Venmo for taking a step in the right direction,” Kaili Lambe, a senior campaigner with Mozilla, told BuzzFeed News. “However, consumers shouldn’t have to dig around in product settings to find basic privacy protections. Consumers expect privacy to be the default and so do we.”