Why WhatsApp’s New Privacy Policy is No Big Shock | SaltDNA

Why WhatsApp’s New Privacy Policy is No Big Shock

14/01/2021 | Nicole Allen

Elon Musk summarised it pretty well, “The Facebook-owned app update means that all private and sensitive information collected by WhatsApp will be shared with Facebook, including a user's IP address and phone number.”

WhatsApp just updated its Privacy Statement to include the following:

We receive information about you from other users and businesses. For example, when other users or businesses you know use our Services, they may provide your phone number, name, and other information (like information from their mobile address book or in the case of businesses, additional information about you such as unique identifiers)

Elon Musk summarised it pretty well, “The Facebook-owned app update means that all private and sensitive information collected by WhatsApp will be shared with Facebook, including a user's IP address and phone number.

It’s again worth repeating that WhatsApp was built for consumers and has become a hugely powerful product for Facebook because of its 2 billions users. It is a shining example of how surveillance capitalism works: give free access to a highly engaging and useful tool and charge third parties to use the collated information to profile users in order to target content at relevant users based on certain criteria.

The “content” can be in the form of ads, news or other digital material. There is a much bigger debate at the moment about the long term impact of allowing organisations to directly target products, services and news in such a laser focused way at individuals. Do these systems inadvertently build huge divisions in society by feeding you only what you want to hear? We’re not going to get into that in this blog (or ever I hope!).

For businesses who complain to us of a “WhatsApp infestation” regarding the movement of sensitive client and operational information this is yet another stark wakeup call.

Businesses are increasingly aware that when they use WhatsApp to interact with clients they are likely not GDPR compliant. If an employee provides WhatsApp access to their phone contacts it means that - without the permission of those contacts - WhatsApp (under the terms of their new policies) allows the company to upload all this sensitive contact data to Facebook.

WhatsApp protects itself by passing the buck to you: "You provide us, all in accordance with applicable laws, the phone numbers of WhatsApp users and your other contacts in your mobile address book on a regular basis, including for both the users of our Services and your other contacts."

That means that even those users who are not using WhatsApp, but who are in your address book, are having their phone number uploaded for processing by Facebook!

We’ve written extensively in the past about misleading inference that end to end encryption means “secure”. That’s not the case. Security relies on strong encryption which is coupled with control.

“WhatsApp isn’t free. WhatsApp is a consumer app owned by Facebook which monetises its users by crunching the meta-data and profiling each user in a way that advertisers and others find highly valuable. Employers with a duty of care to their clients are open to unnecessary liability when staff use consumer messaging apps for business communications. With Salt, you pay to use our system and the information about you and your clients is never made available to any third party,” SaltDNA’s CEO Joe Boyle commented.

The need for companies to use a highly secure, compliant and managed enterprise messaging platform such as SaltDNA, becomes even clearer when Facebook combines WhatsApp with Instagram, Messenger and Facebook.

With these most recent policies causing concern for businesses and governments across the globe, it is time to take control of your own communications. Contact SaltDNA today to understand how your organisation can take control back of your communications and eliminate the threats that consumer messaging applications provide. Sign up for a free trial of SaltDNA or to talk to a member of the team by contacting us on info@saltdna.com or visit our website at saltdna.com.

About SaltDNA

SaltDNA is a multi-award winning cyber security company providing a fully enterprise-managed software solution giving absolute privacy in mobile communications. It is easy to deploy and uses multi-layered encryption techniques to meet the highest of security standards. SaltDNA offers ‘Peace of Mind’ for Organisations who value their privacy, by giving them complete control and secure communications, to protect their trusted relationships and stay safe. SaltDNA is headquartered in Belfast, N. Ireland, for more information visit SaltDNA.