A New (Non-)Privacy Policy from WhatsApp? [A comparison between messaging applications]

Tech and media companies are exploiting free, popular apps to increase their access to  personal data; and WhatsApp has just followed suit. The app has been sending notifications about an odd update to its privacy policy.

The latest policy grants Whatsapp permission to share users’ data with its parent company, Facebook—as well as its subsidiaries. This includes sharing your mobile number, IP address, and other identifiers. It also allows Facebook to use your data across other Facebook-owned products such as Facebook Messenger, Instagram and the Facebook app. The new policy will enter into effect on February 8. Those who do not agree to the policy will see their WhatsApp accounts deactivated. In other words, Facebook is telling us: “You either agree to share your WhatsApp data with us, or we will delete your account.”

In its new privacy policy, WhatsApp declares that it will collect device identifiers (including identifiers unique to Facebook Company Products associated with the same device or account) and share them with Facebook Company Products and third parties. It will also receive information about you from these parties (see the table below to know more about WhatsApp’s privacy features compared to other applications).

In WhatsApp’s new privacy policy, Facebook claims that collecting this information and sharing it with other Facebook services  will allow it to “improve infrastructure and delivery systems, understand how our Services or theirs are used and promote safety, security and integrity across the Facebook Company Products.” WhatsApp also explicitly acknowledged that WhatsApp accounts will be completely integrated with Facebook Company Products and that this data will be used to improve “their services and your experiences using them, such as making suggestions for you (for example, of friends or group connections, or of interesting content).”

This information, which is provided by app developers, was obtained from Apple’s App Store. Apple does not verify this information – that is, these applications could be collecting users’ private data without declaring it. Alternatively, these applications could be collecting this information and data only on Apple products, and the data they collect on Android devices could be slightly different.

This means that your Facebook account will be directly linked to your WhatsApp account, which would entail further invasion of privacy on WhatsApp. This integration would expose over two billion Whatsapp users to several risks. Some issues to watch out for:

  • Linking users’ mobile phone number and WhatsApp to their Facebook account and other Facebook products (such as Instagram), giving the company access to more personal identifiers about users.
  • Despite the fact that WhatsApp messages will remain end-to-end encrypted, Facebook will now have access to metadata about your conversations – i.e. who you talk to on WhatsApp, how frequently and at what times.
  • Sharing your contacts list with other Facebook Company Products or third-parties.
  • Hackers may potentially access and exploit the massive amount of data collected by Facebook through its products.
  • Facilitating surveillance and monitoring operations on various applications when Facebook complies with requests by governments or other entities (Facebook usually publishes these requests in its Transparency Report).
  • The possibility of receiving targeted ads based on the data collected by Facebook through WhatsApp and other products.

Some are unable to dispense Facebook apps. Since Facebook has left users with no choice but to concede to its exploitative privacy policies, we’ve put together some suggestions on how to reduce Facebook products’ access to your private info: 

  • Surf social media platforms, including Facebook and Instagram, through web browsers rather than mobile applications.
  • Use Messenger by Facebook through a web browser, rather than on your phone.
  • Use safer and less exploitative messaging applications, such as Signal and Wire.
  • Limit the permissions granted to applications as much as possible, such as location, microphone, camera and gallery permissions.

Thankfully, people are reacting to Facebook’s attempts at forcibly demanding access to Whatsapp users’ data by seeking alternatives. Signal messenger, owned by a non-profit foundation and considered one of the safest messaging applications, announced today that many users are flocking to its platform following the Whatsapp policy update notifications.

This article was co-written by Ali Sibai, Digital Safety Helpdesk Manager at SMEX. Ali is a digital security consultant with an interest in research on internet disruption, censorship, surveillance, and safety. Follow him on Twitter @alisibai.


This page is available in a different language العربية (Arabic) هذه الصفحة متوفرة بلغة مختلفة

Avatar photo

Abed Kataya

Digital Content Manager at SMEX. Digital safety trainer and freelance journalist. Interested in technology, economics and entrepreneurship. Follow him on Twitter @kataya_abd.