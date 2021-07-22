



As part of a biggest overhaul, the Venmo payment application stopped its public worldwide feed. This means the Venmo app will no longer show you transactions from strangers or show strangers. your transactions in one place. It is a big step in the right direction. But, while the redesigned app will roll out to users over the next few weeks, it’s unclear what Venmos defaults will be going forward. If Venmo and parent company PayPal take privacy seriously, the app should make privacy the top priority. by default, not just an option still buried in settings. Currently, all transactions and friend lists on Venmo are public by default, detailing who you live with, where you like to hang out, who you date, and where you do business. It doesn’t take a lot of imagination to come up with all the ways it could harm real users, and the Venmo Privacy Horror Gallery is good–documented at this point.

However, Venmo apparently has no plans to make transactions private by default at this point. It would be wasting the opportunity it currently has to finally listen to the concerns of Venmo users, journalists, and defenders like FEP and Mozilla. We hope Venmo will reconsider its decision. There is nothing social about sharing your credit card statement with your friends. Even a seemingly positive transition from public defaults to friends-only defaults would maintain much of the status quo invading Venmos privacy. This is in large part because of Venmos ‘track record of aggressively seeking out users’ phone contacts and Facebook friends to fill their Venmo friend lists. The Venmos installation process prompts users to connect their phone contacts and Facebook friends to Venmo. From there, the automatic sync can continue silently and persistently, filling your Venmo Friends list with people you haven’t expressly chosen to connect with on the app. In some cases, there is no option to turn off this automatic synchronization. There’s nothing social about sharing your credit card statement with a random subset of your phone contacts and Facebook friends, and Venmo shouldn’t make this type of disclosure the default.

It’s also unclear if Venmo will continue to offer a public setting now that the Global Stream has gone. Public settings would still expose users ‘activities on their individual profile pages and on Venmos’ public API, leaving them vulnerable to the type of targeted spying for which Venmo has become infamous. We were delighted to see Venmo recently take the positive step of give parameters to users to hide their friend lists. Throwing away the frightening global flow is another positive step. Venmo still has time to make transactions and friend lists private by default, and we hope it makes the right choice. If you haven’t already, change your Transaction and Friend List settings to private by following the steps in this post.

