back to article PayPal's pal Venmo spaffs your pals' payments – and yours

PayPal-owned digital wallet Venmo shares way too much data via its public API, according to Berlin-based researcher Hang Do Thi Duc. If users accept the default setting on their account when they sign up, their transaction details are accessible via the service's API, making it “incredibly easy to see what people are buying, …

  1. Voland's right hand Silver badge

    Sharing is Caring

    SHARE!!!

    Including your (dirty) underwear.

    1. BillG
      Thumb Up

      Re: Sharing is Caring

      Default privacy settings should always be SHARE NOTHING. It should be a law. It should be in state, federal, confederate, federation, galactic constitutions.

  2. Chronos
    Joke

    Brummie exiles...

    Sounds like a Midlands term of endearment as in "Yo'm don't want to share all that, do thi, duc?"

  3. Chris G

    Weasels

    The words; "we take /insert particular case here/ very seriously" must now be some of the most devalued words in the language.

    Every mouthpiece from governments down to the local infants school all wheel out the same weasel words after they have screwed up because they are too stupid/ don't give a shit/ don't care etc regarding the personal information in their care.

    I notice more and more lately that many organisations are also trying to wriggle out of their responsibilities by describing their role as something not requiring responsibility or dumping the responsibility onto someone else.

    1. Loyal Commenter Silver badge

      Re: Weasels

      Paired with "We are very sorry" / "We deeply regret" etc. (note it's always 'we', not 'I'), before demonstrating complete lack of contrition but doing the same/similar again once everyone has stopped looking in their direction.

      1. Cpt Blue Bear

        Re: Weasels

        Or a nice passive aggressive "If we caused any distress".

        I'm becoming thoroughly sick of these statements getting no push back from reporters. What I'd give for spokesmorons / politicians / whatever to be confronted with questions like "Your actions show the complete oposite, how do you explain that?".

  4. Loyal Commenter Silver badge

    GDPR

    I can't see how they are compliant if any personally identifying information is being made public.

  5. Blockchain commentard

    But the big question is why it's even an option to make it public? Imagine if the banks let customers transactions available for all to see?

    1. joed

      No surprise. PayPal discloses unnecessary details of your transactions to your bank (when wiring funds to cover for the purchase). It should only provide PP transaction ID (that could be referenced when logged in to PP portal) but this would be too much to ask. The end result is not only potential privacy breach, but also - if bank didn't like some of details of PP transaction - possibility of your bank just bouncing the transfer and PP chasing you for failure to pay. Fun times fixing the mess, trust me on this one.

  6. Anonymous Coward
    Anonymous Coward

    'We take this responsibility and applicable privacy laws very seriously'

    "Please stay on the line, your call is important to us.... I promise not to cum in you... Of course I had a @#$@#$ test darling!".... Do corporations never get bored of saying this shit? Every ass in corporate PR, should have to attend 'Fight Club' every night of the week like its their first time!

  7. Dan 55 Silver badge
    Headmaster

    Am I a dinosaur?

    Why would anyone need or want to share payments or purchases with anyone else?

  8. Anonymous Coward
    Anonymous Coward

    I guess we can add this to the 100 other reasons why Cashless is a bad idea....

    The media is constantly baited into lapping up the PR of Cashless or sucking on the empty promises of Stripe / Venmo etc. Politicians especially need to be reminded to 'check' assumptions at the door.

    Nothing I say will change anything. Soon Facebook-Google et al, will decide who you can and can't send payments to. And all of them will leak transaction history or allow it to be hacked by not securing it well enough!

    ~~~

    Sales Pitch:

    ~~~

    https://www.rte.ie/news/business/2018/0612/970015-moneyconf-dublin/

    ~~~

    Versus Reality:

    ~~~

    https://www.bbc.co.uk/news/business-43645676

    https://www.bloomberg.com/news/articles/2018-02-18/-no-cash-signs-everywhere-has-sweden-worried-it-s-gone-too-far

    https://www.bloomberg.com/view/articles/2018-06-11/maybe-dollars-should-be-digital

    https://www.irishtimes.com/opinion/letters/why-cashless-society-is-a-dangerous-idea-1.2869212

    https://www.theregister.co.uk/2018/07/18/venmo_spaffs_transactions_to_worlddog/

    1. BillG
      Unhappy

      Re: I guess we can add this to the 100 other reasons why Cashless is a bad idea....

      A completely cashless society is the final nail in the coffin of personal privacy.

      1. MachDiamond Silver badge

        Re: I guess we can add this to the 100 other reasons why Cashless is a bad idea....

        Not only privacy, but any vestige of freedom. What would you say if you were trying to book a trip to France from the UK and got a message back that read "The Monitors do not wish you to travel outside of the country at this time"?

  9. Anonymous Coward
    Anonymous Coward

    10 Bensons, pack of Rizla green and sixteen Mars bars please

    Quick, monetise it by targetting pizza ads at the weed buyers...

  10. Doctor Syntax Silver badge

    “Our users trust us with their money and personal information"

    Fools!

    " we take this responsibility and applicable privacy laws very seriously. Like on other social networks, Venmo users can choose what they want to share on the Venmo public feed”

    Translation: We take it as seriously as other social networks, i.e. not at all.

  11. ida71u

    With CLOUDS you get RAIN

    RAIN = Random Access Information Network !

    Nuff said :(

  12. adam payne

    Why is this stuff even public? Why would there even be an option to make the stuff public?

    Surely GDPR should have slapped this one down by now.

  13. Anonymous Coward
    Anonymous Coward

    Bit late to comment on this

    As I was picking up my jaw from the floor. WFT?

  14. I sound like Peter Griffin!!

    hehehe

    ooooh ShareyBus - jump onto the bandwagon before you are left out and alone not doing whatever they do on the ShareyBus!!! vrooooooom

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like