Venmo Settles Privacy Violations

The Federal Trade Commission (FTC) announced that it has reached a settlement with PayPal over the handling of privacy disclosures and money withdrawals in its peer-to-peer payments app Venmo.

The FTC complaint stated that Venmo users were told that money credited to their balances could be transferred to external bank accounts without letting users know that the funds could be frozen or removed based on Venmo’s review of the transaction.

As a result, many consumers suffered from financial difficulties, such as being unable to pay their rent or other bills, because they could not transfer the money when needed.

“Consumers suffered real harm when Venmo did not live up to the promises it made to users about the availability of their money,” said Acting FTC Chairman Maureen K. Ohlhausen. “The payment service also misled consumers about how to keep their transaction information private. This case sends a strong message that financial institutions like Venmo need to focus on privacy and security from day one.”

The FTC also charged that Venmo wasn’t honest with consumers about their financial accounts being protected by “bank grade security systems,” and also violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules.

In fact, some information about transactions between users was displayed on Venmo’s social news feed. While Venmo offers privacy settings to limit who can view those transactions, the company was not upfront about how those settings work.

The settlement prohibits Venmo from misrepresenting any restrictions on the use of its service, its privacy settings, and its level of security. The company needs to also make certain disclosures about its transaction and privacy practices, and is prohibited from violating the Privacy Rule and the Safeguards Rule.

“Our users are the focus of everything we do and our goal is to ensure they have a positive experience when using Venmo, an app that is beloved by our customers,” according to a statement from Venmo. “We are pleased to conclude this process with the FTC in a cooperative way. This brings to an end the investigation that included focus on Venmo platform issues and practices prior to acquisition by PayPal. Since then, as a core part of PayPal’s and Venmo’s business and operations, we’ve taken steps to significantly strengthen our privacy and data security practices. The company will continue to invest heavily in programs designed to create better user understanding and to enhance privacy. We believe these investments will further support Venmo’s unique user experience and the continuing growth of its role in the lives of our users.”


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.