The only reasonable explanation I have is that he got flagged by Snapchat automatically who reported him to the authorities immediately. Even without E2E encryption, how would they intercept the message as the app is most likely communicating with the server via HTTPS or SSL?
