Apple is known to be the most security and privacy-oriented company in the world and we are recently seeing one more example to Apple’s iron arm measures on user privacy.
It’s a no brainer to call WhatsApp as the world’s largest messaging platform with an estimated 2 billion users around the globe. Known for its simplicity, WhatsApp was almost an instant hit amongst the masses right from its launch. Aided with the smooth UI and a revolutionary non-cloud service which promised utmost privacy, users saw no better choice to share messages, pictures, and videos over internet. Just when WhatsApp, an independent internet app was sidelining giant social media conversations, the inevitable acquisition happened. And none other than Facebook would have sealed the deal at a whopping figure $19 Billion.
The independent messaging platform was then in the pockets of the czar of Social Media and what next? Many industry insiders were warning of a possible merger of Facebook Messenger with WhatsApp, and to much of the surprise Facebook declared WhatsApp would remain an independent entity and the data from WhatsApp will be shared with neither Facebook nor any third parties. Though known for its privacy issues, Facebook has maintained their part of the promise to keep things clean on WhatsApp and even raised the bar for privacy by providing end-to-end encryption on WhatsApp.
So, what’s rattling up Facebook now?
Just as always, Apple is pushing the boundaries of user security and data privacy yet again. The new policy updates on Apple’s App Store has introduced a new feature called ‘App Privacy’ that lists and labels all the data and the type of data an app may collect when installed.
With the new releases of iOS 14.3 / iPadOS 14.3 and macOS Big Sur 11.1, Apple has listed the data collections of Facebook (along with all other applications). The list of data may seem to be okayish for an on-looker on a screenshot (as shown below), but the ‘Other Data’ label is just the tip of the iceburg.
The below tweet of Tom Warren may be helpful to you in understanding the overhauling list of data that runs across several pages on an iOS device.
Facebook is already fighting this move from Apple by stating that Facebook uses these data to promote small businesses and even started a campaign stating “Small businesses deserve to be heard”. However, given the past record of Facebook over unauthorized data mining, the campaign doesn’t seem to have made any heads turn towards them.
The WhatsApp fiasco
The App Privacy labels were already causing enough damage to Facebook, yet there wasn’t or isn’t going to be any big reactions from the users since it’s almost an unofficial agreement with Facebook that the privacy policies are nothing more than few pages of text without any moral obligations to it. But what has seem to have shaken Facebook is the labels listed for WhatsApp, the 2 Billion users’ preferred service that has long been trusted for the privacy promises.
To much of its relief, unlike Facebook, WhatsApp is allegedly not to collect the actual data per se, however the metadata. Now, for the uninitiated, according to Ian Thornton-Trump, Chief Information Security Officer at Cyjax , metadata is merely the data about your actual data. In simpler terms, the metadata are the elements that most possibly can link your personal identity to the data. Some of the popular metadata includes your device ID, your hardware model, operating system information, IP address, mobile network information including phone number, when you send a message, when you send messages to groups to which you groups you belong, when you receive calls from your contacts. When if required, all the above such metadata can be used to trace back or breach your privacy which WhatsApp promised to offer.
All such meta data are called as ’Data Linked To You’ by Apple on its App Privacy section and the shocking list must have Facebook and Facebook’s WhatsApp worried. The list is shown below:
Implications to be noted
Apple has done its part in exposing the data or the ‘Data linked to you’ for the users. So, it’s up for you and me to decide on the whistle blown.
WhatsApp clearly ensures that the data is completely secured and neither WhatsApp nor any government agencies can bypass the message encryptions. WhatsApp brags the same on its Security page stating ‘Privacy and Security is in our DNA’. One has to note that, there has been no evident accusation of actual data breach.
At the same time, the metadata collected via WhatsApp can very well be used to track you or your activities online. The privacy policy of WhatsApp makes it clear via the statement below:
“As part of the Facebook family of companies, WhatsApp receives information from, and shares information with, this family of companies. We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings.“
With your data-rich Facebook apps already mining data out of your device, the metadata from WhatsApp will further add your privacy woes though not directly. Also, the upcoming partnership plans with with local businesses and tighter integrations with Facebook Messenger and Instagram deepens the need to reconsider your association with WhatsApp.
