Musk’s tweet encouraged many to uninstall WhatsApp on their phone and switch to the rival platform, Signal. As many as 1.5 million people downloaded Signal in one day. Clearly, people value their privacy.
But if people knew the full extent of the history of how Facebook Messenger stored and used their information, the exodus would have been larger and come sooner. Let’s take a closer look at WhatsApp’s new policies to see how they’re fundamentally incompatible with genuine data security.
WhatsApp Has Shared Information with Facebook for Years
Understandably, believe WhatsApp only began sharing information with Facebook recently, as they just eliminated the phrase “if you are an existing user, you can choose not to have your WhatsApp account information shared with Facebook to improve your Facebook ads and products experience” from their policy.
But WhatsApp has been sharing user information with Facebook since a major policy shakeup in 2016. WhatsApp provided 30 days to opt-out of some of the sharing, a promise they’ll still honour but an option they no longer give users. The Tech outlet Wired spoke to WhatsApp, who specifically emphasized that nothing about WhatsApp’s information sharing with Facebook has changed since the high-profile policy announcement.
Despite the existence of end-to-end encryption for the content of your communications, WhatsApp still collects user information to “operate, provide, improve, understand, customize, support, and market our Services.”
In practice, this means they share a lot of information with Facebook, such as:
- Phone numbers
- Logs of how long and how often people use WhatsApp
- Device identifiers
- Other device details like IP address, operating system, browser details, battery health information, app version, mobile network, language and time zone
- Transactions and payment data
- Cookies and location information
What Does Total Security Look Like?
A company can still be dangerously loose with your data even if they offer “end-to-end encryption.” Understanding the truth about mobile security means thinking about privacy beyond a phrase or a slogan and conceiving of it in a holistic sense.
ChatMail provides full-fledged mobile security solutions beyond our military-grade encryption. Privacy settings are turned to maximum protection at every aspect of the front- and back-end of our product.
We are the only platform that encrypts every single message individually. Our unique design removes the need for permanent server storage of sensitive data. We operate our own private datacenter and are careful to host all data in countries that respect privacy.
Will any other platform pull back the curtains and show you what sent messages look like on the back-end in real-time? ChatMail is happy to! You’ll see that every individual message is a stream of letters and numbers which look like gibberish and can only be read by the person holding the private key.
Identities are not disclosed, and our system scrambles the sender each time they send a message. Looking at the back-end, a person would never be able to tell if someone received one text message from ten people or if the same person sent ten messages.
Other providers don’t necessarily encrypt your message when it’s stored on the device, meaning there could be a way for hackers to sidestep the encryption or at least make deductions from your communications. ChatMail’s goal is not to merely create impenetrable encryption; it’s to prevent all your data from leaking at all costs.
We’ve achieved this level of security, and we’re more than happy to demonstrate how it works.
Secondary Security Features
Beyond encryption and storage, ChatMail offers a suite of features to let you manage and protect your data. Voice and pictures are encrypted, not just your messages. The Group Chat is fully functional and even has an Anonymous Group Chat feature that uses randomly generated names.
An optional secondary PIN prevents unauthorized access, while the remote wipe functionality gives you control over your data even if your device should fall into the wrong hands. Messages can delete even if the device has no data connection — the first thing a corporate saboteur or identity theft would do after stealing your phone is turn off the data connection, but, even in this unlikely scenario, you’ll have full control over your sensitive information.
Scheduled burn functionality lets users share sensitive data in the knowledge that it’ll vanish from both devices at the appointed time. Messages, pictures, and notes set to self-destruct can’t be forwarded, favorited, or saved on either device.
When a platform is genuinely invested in your security, they always default to the strongest security settings possible and give you total control over your data. Contrast this with platforms like WhatsApp that always maintain at least some hold on their users’ data and erode even these protections over the years.
ChatMail will never dangle privacy like a carrot in front of our users — our encrypted phone exists to make you more secure over time, not less. Just try to jump through all the needlessly complicated hoops required to delete your WhatsApp history, and you’ll see the difference between giving users maximum control over their information and saying they technically control such matters.
This latest media outburst concerning Facebook and Signal has highlighted many WhatsApp security pitfalls that have been there for years and which aren’t likely to disappear any time soon. Any free service like WhatsApp needs to make their money somehow, and giving away secure, reliable services is not their business model.
Nothing is likely to change from WhatsApp’s decision to share more user information with Facebook because that’s essentially what it had already been doing for years. If you stake your company’s security on a free encryption platform, you’ll get what you pay for. Instead, rely on military-grade encryption, robust secondary security measures, and a platform that only exists to keep your sensitive information private.