Venmo Settles Privacy Violations

The Federal Trade Commission (FTC) announced that it has reached a settlement with PayPal over the handling of privacy disclosures and money withdrawals in its peer-to-peer payments app Venmo.

The FTC complaint stated that Venmo users were told that money credited to their balances could be transferred to external bank accounts without letting users know that the funds could be frozen or removed based on Venmo’s review of the transaction.

As a result, many consumers suffered from financial difficulties, such as being unable to pay their rent or other bills, because they could not transfer the money when needed.

“Consumers suffered real harm when Venmo did not live up to the promises it made to users about the availability of their money,” said Acting FTC Chairman Maureen K. Ohlhausen. “The payment service also misled consumers about how to keep their transaction information private. This case sends a strong message that financial institutions like Venmo need to focus on privacy and security from day one.”

The FTC also charged that Venmo wasn’t honest with consumers about their financial accounts being protected by “bank grade security systems,” and also violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules.

In fact, some information about transactions between users was displayed on Venmo’s social news feed. While Venmo offers privacy settings to limit who can view those transactions, the company was not upfront about how those settings work.

The settlement prohibits Venmo from misrepresenting any restrictions on the use of its service, its privacy settings, and its level of security. The company needs to also make certain disclosures about its transaction and privacy practices, and is prohibited from violating the Privacy Rule and the Safeguards Rule.

“Our users are the focus of everything we do and our goal is to ensure they have a positive experience when using Venmo, an app that is beloved by our customers,” according to a statement from Venmo. “We are pleased to conclude this process with the FTC in a cooperative way. This brings to an end the investigation that included focus on Venmo platform issues and practices prior to acquisition by PayPal. Since then, as a core part of PayPal’s and Venmo’s business and operations, we’ve taken steps to significantly strengthen our privacy and data security practices. The company will continue to invest heavily in programs designed to create better user understanding and to enhance privacy. We believe these investments will further support Venmo’s unique user experience and the continuing growth of its role in the lives of our users.”


Featured PYMNTS Study:

More than 63 percent of merchant service providers (MSPs) want to overhaul their core payment processing systems so they can up their value-added services (VAS) game. It’s tough, though, since many of these systems date back to the pre-digital era. In the January 2020 Optimizing Merchant Services Playbook, PYMNTS unpacks what 200 MSPs say is key to delivering the VAS agenda that is critical to their success.