Who Can See What You Do on Venmo?

Since then, Venmo has slowly made some changes to its app, including clearer privacy disclosures. And it removed its social feed of all users’ payment histories in July 2021, shortly after BuzzFeed journalists reported finding President Biden’s Venmo account in less than 10 minutes using nothing more than the app’s search function. Social feeds are now limited to your personal networks. 

In the past, Venmo’s public profiles have been used in a number of ways that underscore the real-world issues of a digital wallet that doubles as a social network.

In 2019,  a viewer of “The Bachelor” uncovered the winner of the ABC reality show, months before it was revealed publicly, by reportedly scrolling through Venmo payments and spotting connections between the bachelor’s contacts and that season’s winner. In 2023, The Guardian reported that a former top aide to Supreme Court Justice Clarence Thomas was paid several times by lawyers who had business before the court, including one who successfully argued to end race-based affirmative action at U.S. universities. (The payments appeared to have been connected to the justice’s 2019 Christmas party, according to The Guardian.) This year, Wired found Republican vice presidential nominee JD Vance’s public Venmo account, with more than 200 contacts ranging from tech executives and media personalities, like Carlson, to Jeff Flake, the anti-Trump former U.S. senator, and a host of government lobbyists.

Law enforcement agencies have also turned to Venmo as a rich source of investigative material, using the app to aid probes into the drug overdose death of the late rapper Mac Miller and alleged underage sex trafficking and prostitution involving U.S. Rep. Matt Gaetz (R-Fla.). 

Privacy experts have sounded the alarm about Venmo for nearly as long as the app has been around. In 2018, a developer and designer in Berlin analyzed a year’s worth of public Venmo payments—nearly 208 million transactions representing about 8 million Venmo users. Aside from documenting the mostly mundane daily lives of those with public payment histories, the report found some interesting trends: The most common note attached to payments included the word “pizza” or the pizza emoji nearly 3 million times. The developer was also able to plot out users’ rent payments, who their roommates were and with whom they shared taxi and Uber rides, their group work and personal trips, and, in the example of one individual, scores of drug deals they were involved with—personal details that are far too revealing, experts say.

In 2022, a team of researchers from the University of Southern California and the University of Texas analyzed 389 million public Venmo payment messages over an eight-year period. Their peer-reviewed paper, “I know what you did on Venmo,” detailed how Venmo users had unintentionally revealed their most personal information in payment descriptions: bank account passwords, membership in biker gangs and criminal organizations, details of Alcoholics Anonymous groups, and sensitive health information, among others.

“Since the report came out, I’ve taken a more active role with my friends on Venmo,” said Jelena Mirkovic, an associate research professor and project leader at the USC Information Sciences Institute and a co-author of the Venmo report. “I recently paid for window washing and I said to [the contractor], ‘Hey, do you know that your profile is public.’ The person didn’t know and they were like, ‘Oh, thank you, I’m going to make it private.’ And I keep saying it to everyone I know.”

Mirkovic and her team asked Venmo whether the company would share its data with researchers. Mirkovic said Venmo didn’t respond—but the company did end up paying the USC and Texas researchers $1,899 as part of its “bug bounty” program because they spotted software bugs in the app when doing their study.

Mirkovic said the few changes Venmo has made to its privacy policies over the years still fall far short. “It’s a patch on a gaping wound,” she said.

The researchers found one encouraging trend: An increasing number of Venmo users were opting to make their payment settings private, up from 25 percent of users in 2013 to 37 percent in 2018. Venmo hasn’t released such figures, so it’s unclear whether that trend has continued as the app’s user base has grown. But a 2018 poll by the Mozilla Foundation and Ipsos found that 77 percent of Americans opposed public-by-default settings on financial apps.


Source link
Exit mobile version