On the face of it, WhatsApp has ridden out much of the media storm surrounding its much-criticized privacy update. While reports emerged in January of the messaging app losing millions of followers to rivals like Telegram and Signal, the migration of users seems to have almost ended. At the very least, WhatsApp’s parent company, Facebook Inc, will be relieved to see that the mainstream media has largely lost interest in the story.
However, the issues have not gone away. As has been widely reported, WhatsApp has postponed its new terms and conditions update until May 15th. Like the original update, what happens after for those not accepting the terms has been poorly communicated by the company. Although, there is now agreement that one of the outcomes means that users will have only restricted access to the app if they do not agree to the new terms.
Indeed, perhaps ironically when coming from a messaging app company, poor communication has been at the heart of this story. For instance, it wasn’t widely known that there would be a completely different update for EU countries, as well as the UK, which recently exited from the European Union. Because EU law enforces the GDPR (General Data Protection Regulation), the terms were always going to be different for users outside the Bloc.
GDPR issue highlighted unclear terms
But, even if you don’t live in the EU, the story there gets to the root of the problem. It’s not that WhatsApp’s update is a nefarious data grab, it is that the company seems to be at pains to obfuscate and downplay how and why it uses your data. As such, it’s been difficult for media reporters to pinpoint what elements of the update are unattractive. We mentioned the EU and the GDPR because the latter requires companies to be clear over the specific use of your data. As WhatsApp data usage was unclear to EU users, Italian authorities flagged it and reported it to the European Data Protection Board.
One of the clearest voices on the issue has been Zak Doffman, a cybersecurity correspondent for Forbes. Doffman questions WhatsApp’s use of metadata harvesting and personal data, and its motive for using this information. He, too, points to the poor communication on behalf of the company, although he also points to several mistakes around media misreporting on the topic.
But above all, Doffman brings attention to this irrefutable fact: He writes, “Remember – if the product is free, then you’re the product. This isn’t complicated.”. Many of us have accepted this fact, and we are happy enough to make that deal with WhatsApp, Facebook, Google, and so on. WhatsApp may have lost many customers this year, but, in truth, it only made a small dent in its army of over two billion users. On May 15th, you can be sure that the majority of people will simply hit accept when asked to agree to the new terms.
However, when it comes to more sensitive information, you can understand why businesses and individuals are moving away from the traditional sphere of Big Tech companies. Cybersecurity specialist Kevin Mitnick told the Guardian that while end-to-end encryption, which is offered by WhatsApp, is good, he personally has “never communicated a secure message over WhatsApp”.
Spike’s integrated platform has become popular
Companies like Spike are challenging Big Tech’s dominance of communications. Spike is a Thunderbird alternative for Android, but it’s the multi-functionality of its chat and email integration allows it to act as a rival to products like WhatsApp and Gmail too. It uses the AES-256 algorithm to secure all data on its application. But perhaps more importantly, on its website, it echoes what Doffman said above, with the question: “Are You the Customer…..Or the Product?”. This claim to not treat users like products is backed up by an assertion that Spike, “never will sell or monetize your data”.
But while growing companies like Spike, or Signal and Telegram, might ultimately benefit from a lack of trust in Big Tech’s use of our data, there would need to be a huge change in global attitudes for there to be any mass migration away from platforms like WhatsApp. Indeed, it’s always best to treat survey on data concerns with a pinch of salt. Most people say they are concerned about how their data is used, but that does not mean they are ready to delete the app under scrutiny.
As for what will happen in May, WhatsApp will probably come through bruised but otherwise unscathed. Yes, there is a growing mistrust of its parent, Facebook, but it seems to come from a vocal minority. Even Doffman calls WhatsApp’s terms change relatively “benign”, explaining that the main issue is that it wants to enable some of Facebook’s business customers to contact you (with your permission) via WhatsApp. Even though those messages will be kept out of the end-to-end encryption vault, Doffman asks whether anyone really cares if messages between them and a supermarket are not encrypted?
The real culprit, however, is the obfuscation, the lack of clarity about what happens with our metadata (the data of our data, as some call it). Hoffman counseled users to stick with WhatsApp back in January but cautioned in March that he might change that advice given WhatsApp’s poor communication over the issues. Alternatives exist, but it’s not clear whether the average user will migrate to a new platform.