
Marco Polo is less a video call app and more a video sharing app. There are no real-time calls. Instead, users record and share videos (or texts or audio-only recordings)--called Polos--with people in their contacts. Record a video of you dancing with your dog. Upload it and leave it for your friend or family group. They'll hop on and view it when they have a moment and reply with a video of their own. Call, respond, Marco, Polo. Get it? Marco Polo has been around since 2014. Thanks to pandemic growth, some enthusiastic celebrity users like P!nk, Amy Poehler, and Ice T, and apparently the US state of Utah (which one report said has the app's biggest user base, who knew?), Marco Polo now has over ten million users worldwide.
What could happen if something goes wrong?
Marco Polo seems to do an OK job protecting your privacy. It uses encryption in transit and at rest. It does not use stronger end-to-end encryption because they say they want to be able to retrieve those precious memories of yours stored on their servers if you happen to lose your phone. One thing that does worry us a little is how Marco Polo handles the deletion of those precious Polo videos. If you chose to delete your account, remember to delete all your Polos first, as it appears users aren’t able to delete these videos after you delete your account. And any Polos you don’t delete can remain accessible to other users. What's the worst that could happen? Well, we’d hate for that super embarrassing Polo you sent that one drunken night to remain available to dig up even after you delete your Marco Polo account. No one needs that stuff hanging around the internet forever.
Can it snoop on me?
Camera
Device: N/A
App: Yes
Microphone
Device: N/A
App: Yes
Tracks location
Device: N/A
App: Yes
What can be used to sign up?
No
Phone
Yes
Third-party account
No
What data does the company collect?
Personal
Name, photo, mobile number, email, birth day and/or birth month, voice from video calls
Body related
Social
Contacts, the content you create, including videos (or “Polos”), photos, short video clips you share with selected contacts (or “Scrapbook moments”), and text messages.
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In the past, Marco Polo sent text message invitations from your phone to your top contacts without explicit permission. These invitations used your nickname from their contact list, thus personalising a message like "Hi bunny! Please download Marco Polo app, so that I can send you a video!"
Can this product be used offline?
User-friendly privacy information?
The privacy policy is written using overly abstract language, and it seems to hide the app's weaknesses behind legalese clauses.
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
No end-to-end encryption, but encryption at rest and in transit.
Strong password
There is no password requirement in Marco Polo. To sign up, an SMS authentication is used.
Security updates
Marco Polo is updated weekly, and each update is annotated with what is new.
Manages vulnerabilities
Vulnerabilities can be reported here https://www.marcopolo.me/vulnerability-policy/
Privacy policy
Dive Deeper
-
Marco Polo has been around for years, but it’s blowing up amid the pandemicThe Verge
-
Data Breach of the Week — Marco PoloAlly
-
Someone knows something about this Marco Polo app that we don’tTechCrunch
Comments
Got a comment? Let us hear it.