WhatsApp: a lesson in communication and privacy

On average, we spend 3 hours and 15 minutes a day on our phones (RescueTime). Shocked? Think about how often you reflexively reach for your mobile throughout the day and that figure might not seem so high. 

Many of us will spend much of those 3 hours and 15 minutes interacting with messaging apps and social networks, sharing and receiving personal and private information with and from friends, family and our wider communities.

Given the amount of personal information we share on a daily basis, you’d think we would all be paying close attention to how these apps handle our data and, by extension, protect our privacy. The reality for many people however is probably a little different.

Most of us would likely admit to skimming over lengthy terms and conditions—if we read them at all—and are probably unlikely to notice minor policy updates that are often rolled out over time. 

That is, unless those updates hit the headlines, which is exactly what happened earlier this year when WhatsApp announced a change to its terms of service. A standard scheduled policy update led to an unprecedented mass exodus of users from the messaging app.

WhatsApp updates its terms, users panic

On January 6 WhatsApp announced a change to its terms of service: from February 8, Facebook and its subsidiaries would be able to collect users’ data, including phone numbers and locations, from WhatsApp. And if WhatsApp’s users didn’t agree to this change? Then they would lose access to the app.

Unsurprisingly, this didn’t go down too well with many of WhatsApp’s 1.5 billion+ users. Over the following weeks, WhatsApp plummeted from its position as the most downloaded app in the UK at the start of the year to number 23 in the charts in just 12 days (AppAnnie). 

Meanwhile rival apps like Signal and Telegram swooped in to capitalize on the former-WhatsApp users’ quest for a secure, privacy-forward alternative. In less than a month, Signal had gained more than 7.5 million users globally, while Telegram had gained more than 25 million.

Damage control

While users were leaving the app in their millions, WhatsApp was scrambling to carry out damage control. 

After the initial news about the update broke, it seems the changes were potentially misinterpreted. Instead of sharing WhatsApp’s intended message, viral posts across the internet warned that the policy change would ultimately allow Facebook access to the content in users’ messages.

WhatsApp later clarified that this was not the case. Niamh Sweeney, WhatsApp’s director of public policy for Europe, the Middle East and Africa, said that that update was intended to do two things: enable a new set of features around business messaging, and “make clarifications and provide greater transparency” around the company’s pre-existing policies. (Guardian)

WhatsApp then decided to delay the implementation of its new policy until May 15 and emphasised that “the policy update does not affect the privacy of [users’] messages with friends or family in any way.”

But by the time WhatsApp had released this statement, the damage had been done. People were confused and trust in the app had disappeared. Switching to an alternative messaging service seemed to be the most appealing option for millions of users.

But what does all of this really mean for you?

If you live in the EU or UK, then WhatsApp’s latest update to their terms of service won’t actually make a difference to how your data is handled, thanks to existing data protection laws in these regions.

If you live elsewhere though, you may want to consider whether you are happy with Facebook potentially having access to even more of your data. WhatsApp has confirmed that neither they nor Facebook would be able to read users’ messages or listen to users’ calls. 

Rather the policy change would give businesses “the option to use secure hosting services from Facebook to manage WhatsApp chats with their customers, answer questions, and send helpful information like purchase receipts.” This would mean that businesses could potentially use the contents of your direct chats with them for their own marketing purposes. 

If you’re not a WhatsApp user, you might think this whole affair is irrelevant to you. However, that’s not necessarily the case.

Regardless of your preferred messaging app, the WhatsApp saga acts as a timely reminder to review the policies and settings of any apps that you use regularly. Are you still happy with how your data is being collected, stored and processed? If not, maybe it’s time to switch things up.

So should you leave WhatsApp for Signal or Telegram?

If you’re still unsure about whether to change messaging apps, it’s worth weighing up the pros and cons of two of the other major players.

Signal has turned out to be one of the most popular alternatives to WhatsApp. Recommended by Elon Musk and Jack Dorsey, Signal was founded in 2018 by Brian Acton and Moxie Marlinspike. Incidentally, Acton also co-founded WhatsApp with Jan Koum.

Signal offers an effective solution for the privacy conscious. Aside from your phone number, the fully open-source platform does not collect and store any of your personal data. All messages and calls sent through Signal are end-to-end encrypted, meaning the contents won’t be seen by any third party, including Signal.

Another popular choice is Telegram. Released in 2013, Telegram claims to deliver messages “faster than any other application”. Unlike WhatsApp, which collects and stores a wide variety of data about you, Telegram only stores your name, phone number, contacts and user ID.

However, unlike Signal, Telegram only offers end-to-end encryption for certain messages, so-called “secret chats”. Telegram probably falls somewhere in the middle of WhatsApp and Signal on the privacy protection scale.

Ultimately, whether you decide to use a new app or not will be a personal preference made on balance. Do your needs for security features like end-to-end encryption outweigh the potential inconvenience and social impact moving away from WhatsApp might have?

Clear communication and transparent policies are key

Aside from the immediate question of whether it’s time to ditch WhatsApp for a rival messaging app, there is one learning that all organisations operating in today’s data-centric world could benefit from: clear communication is key.

By providing your website or app users with clear, up-to-date policies (see highly-regarded policy generator Termageddon for help), and ensuring that any updates are communicated early and transparently, your business can help to manage users’ expectations and maintain their trust, hopefully helping to avoid a WhatsApp-style scenario.

Implications for other businesses

History has shown that empires fall. Remember Block Busters? They had the chance to buy Netflix for $50M, but laughed at the price. We all know what happened next. That revolution was the result of a technological evolution, initially DVDs and later streaming. WhatsApp isn’t going to collapse this month, but it has taken a big hit, the migration was swift and significant. It underlines that consumers care about their data privacy. Many people will remember the Facebook and Cambridge Analytica controversy, which no doubt added to the mistrust.

The attraction of online companies is that it’s easy to sign up to their services, the danger is that it’s equally easy to leave and move on.

Learn from others’ mistakes

Whether you decide to leave WhatsApp or not, there are simple lessons we can take as both users and business owners.

Users, there is no time like the present to review the apps you use to make sure that you’re satisfied your data is being handled responsibly.

Businesses, consider reviewing your website and data protection policies and, if you’re planning an update, learn from WhatsApp’s mistakes: communicate any and all changes clearly.

Did you decide to move on from WhatsApp? We would love to hear your thoughts in the comments below.

FortressDB is a secure, high-speed database plugin for WordPress form data. Learn more and try it for free at fortressdb.com