The big picture: How Snap created its user privacy-friendly image

A year of Facebook missteps has allowed Snap to marry lessons from the social network giant with its own fundamental approaches to privacy and data collection.

Why it matters: With increased scrutiny of social media companies' practices when it comes to user privacy, Snap can gain an edge by cultivating an image of deep concern for this issue — but it will also have to show it's learned from its own early mistakes.

The latest: Snap took some time to roll out its third-party developer kit, Snap Kit, which is similar to Facebook's third-party developer tools. Snap says its approach to letting outside developers into its network is much more user privacy-focused than fellow social media companies.

Where Snap got lucky: From the start, Snap had some fundamental differences from other social media companies like Facebook — notably, it didn't believe in ultra-targeted ads based on invasive levels of user data.

• This existing attitude and approach also influenced how Snap handled GDPR compliance, it says. "We're thoughtful about data we collect, like ethnicity, sexuality etc.," said Katherine Tassi, Deputy General Counsel, Privacy and Product told Axios when rolling out Snap's GDPR update. "We're really careful to make sure that we're sensitive to user replies to advertisers, like giving users control over their lifestyle categories and the ability to control which interests they are targeting ads against."
• Speaking at Recode's conference, CEO Evan Spiegel offered this:

"The way that you treat user privacy is really important. For us, that goes back to when we were in my dorm room. When it was just me and Bobby, when there were three or four people using our products, we cared about data retention. It’s taken seven years for people in the technology industry to take a look at what we’ve done, getting rid of personal information rather than storing it, hoarding it forever. And to say, 'Hey, that actually kind of makes sense.'"

Lessons from Facebook: But Snap was also able to quietly watch Facebook's missteps over the past year and adjust its products and marketing based on the public's reactions to the social giant.

• For example, Snap limits the data it will share with outside developers to a user's display name and Bitmoji avatar. It's explicit about never sharing data about their friends, in a tacit reference to Facebook's multiple gaffes regarding this.
• And while Snap says it's been working on its compliance with Europe's GDPR for years, it was able to craft an announcement of its policy in a way that touched on points that were contentious in Google and Facebook's announcements, including data retention and access practices.

But, but, but: Snap will still have prove that it's learned from its own mistakes as well. In 2014, it had to settle charges with the FTC over its data retention claims to users and, in late 2013, 4.6 million users' data was leaked after the company ignored a security researcher's warning.

Go deeper: Big Tech's reprieve may be short.