- If you want to continue using the messenger, you have no choice but to agree to the new policies. If you do not, further use is not possible. Usually, many users adopt changes without reading what exactly has been changed.
- Likewise, information about the smartphone model, battery level, signal strength and IP address can be collected. Those who allow WhatsApp to access the location also release it for diagnostic purposes via IP address and call prefixes.
- Crucially, this data can be shared with advertisers.
There is good news, at least for EU citizens. Niamh Sweeney, WhatsApp’s Director of Policy, took to Twitter on Jan. 7, 2021 to address the discussions surrounding the forced update. In her tweet, Sweeney assures that nothing will change for users from the EU with the update. The changes do not affect the data exchange between WhatsApp and Facebook in Europe. The guidelines would not have changed for EU users. So as long as you use WhatsApp in the EU, your data won’t be shared with Facebook for product or ad enhancement – at least not yet.
The New Access Rights
WhatsApp requires a lot of access rights on both Android and iOS – including rights that sound very dangerous for privacy: Query location, read/receive SMS, access camera and microphone, etc.
- However, it is important to keep in mind that many of these permissions are also needed to guarantee a pleasant “Messenger experience”. For example, you would not be able to send voice memos without access to the microphone.
- Of course, these rights can also be exploited. For example, it is possible to make continuous recordings with the microphone and send them to different servers.
Storing Various Data On The WhatsApp Servers
It is often feared that WhatsApp stores a lot of user data on American servers and possibly sells it to third parties.
- However, upon request, the developers informed that only the respective phone numbers, billing receipts and messages are temporarily stored.
- The phone numbers are backed up without any other information – that is, without names from the personal address book. The numbers are needed to enable communication. Otherwise, the app would not be able to show who in your address book also has WhatsApp installed.
- Messages and billing receipts are also stored on the servers – but messages are only stored until the recipient has received them. After that, they are deleted. If the message is not delivered within 30 days, it is also automatically deleted. Billing data is normally never deleted. However, if you delete your account, they are also removed from the servers after 30 days.
- However, WhatsApp’s T&Cs leave a lot to be desired in terms of data protection. For example, the company secures the right to pass on the data to third parties. Even in the event of a sale, all data is passed on to the new owner – in this case to Facebook.
Encryption on WhatsApp
For a long time, WhatsApp sent data completely without encryption. This means that anyone on the same network (e.g. WiFi) could read your WhatsApp messages. In addition, anyone with access to the WhatsApp servers could theoretically read your messages.
- So-called end-to-end encryption has been available since November 2014 – but initially only for Android. In the meantime, messages, photos, videos, voice messages, documents, status messages and calls are also encrypted for users of other operating systems.
- According to Art. 15 of the GDPR, you have a right of access. This means that you can request to view stored data from WhatsApp.
- You will then receive a report on all data collected and stored about you.
Conclusion: Privacy and WhatsApp
WhatsApp has taken an important step towards data security with end-to-end encryption.
- In the past, neither the company nor the app itself have covered themselves with glory: Serious security gaps were often discovered and it took a long time until they were closed. In addition, the company discloses almost no information – not even in the changelogs of the updates. Thus, it is often not apparent whether a problem has really been fixed.
- Furthermore, the app belongs to the Facebook company: It is well known that Facebook earns money with the users’ information. So far, this is not supposed to be the case with WhatsApp, but you cannot be sure. Also, a lot can still change due to the current T&Cs.
- WhatsApp is not a really secure messenger: Especially if you want to protect your data, you should switch to another messenger. This is because WhatsApp is an American company that also stores its information on American servers.
- Secure alternatives to WhatsApp are Signal, Threema and Telegram.
- If you are not sure, you should make use of your right to information. Then you will know exactly what WhatsApp knows about you.