WhatsApp has removed answer to “how do I choose not to share data with FB” (whatsapp.com)
623 points by behnamoh on Dec 6, 2021 | 169 comments


I worked at WhatsApp between 2011 and 2019. This FAQ had very specific instructions for how to opt out of sharing that were only available for a limited amount of time. The FAQ serves as documentation of the product and there's no need to keep online specific instructions that can no longer be followed.

In order to opt out, you needed to have an existing account and take specific actions around the time you agreed to the 2016 new terms of service. Based on the internet archive, this article was removed after April 20, 2018, and before May 5, 2018, when it was most likely obsolete (I don't recall the specific deadlines for accepting the 2016 TOS).

On the plus side, the various terms of services are all available without digging in the internet archive https://www.whatsapp.com/legal/terms-of-service/revisions


I specifically and carefully made sure I opted out of this sharing in 2016, and when I requested my data years later, I was marked as "opted in". I don't trust that Facebook honestly honored or correctly tracked this option for anyone.


This matches my experience with Facebook “opt outs”.


The news here is that you can't choose to not share data with Facebook anymore.


It’s not practical for most, but I think you can, by moving to the European Region.

Comparing https://www.whatsapp.com/legal/updates/terms-of-service/?lan... to https://www.whatsapp.com/legal/terms-of-service-eea/?lang=en, the EU version removes

- “Ways To Improve Our Services. We analyze how you make use of WhatsApp, in order to improve our Services, including helping businesses who use WhatsApp measure the effectiveness and distribution of their services and messages. WhatsApp uses the information it has and also works with partners, service providers, and affiliated companies to do this”

- “We offer specific features and services to businesses and other organisations such as providing them with statistics regarding their use of our Services.”

- “Affiliated Companies. We are part of the Facebook Companies. As part of the Facebook Companies, WhatsApp receives information from, and shares information with, the Facebook Companies as described in WhatsApp's Privacy Policy, including to provide integrations which enable you to connect your WhatsApp experience with other Facebook Company Products; to ensure security, safety, and integrity across the Facebook Company Products; and to improve your ads and products experience across the Facebook Company Products. Learn more about the Facebook Companies and their terms and policies here.”


It is utterly naive to think that Facebook does not plainly ignore the regulations here. They have done it everywhere else. And once the data is in the model, the goose is cooked. Who cares about a few million fine?

In fact, Facebook would be irrational not to train their algorithms on every single data point, regulations and opt outs be damned. And that people itt have found that their data says opt in no matter what they pressed in 2016 is believable evidence for that.

As always: Don’t forget what Facebook has done in terms of data leaks, political skew, impact on the pandemic and damage of teenagers on Instagram. Do not forget how well they kept this under wraps and how little remorse they have, except in proportion to the fine.

Given the past years, we know that people working at Facebook are literally mustache-twirling cartoon villains, and I wish this was exaggerated.


These kinds of behaviors won't really change until governments finally pull their heads out of their asses and ensure that regulatory violations above a certain threshold are aimed squarely at imprisoning or personally fining certain key decision makers inside a company. You know, actual people inside its structure, not just the monstrosity as a bloated, extremely wealthy business entity that can and will absorb fines as nothing more than a cost of doing business.

That they fine the corporate entity as well, sure, why not but that they also explicitly make it known that they will seek criminal charges against actual human beings who made specific choices and decisions to ignore certain major rules. Even if the top brass cover their asses with lawyers under such a regime, asking any subordinate to break rules will always be weighed with the question of "and will I be one of the ones who gets literally jailed for this being uncovered in court?" That wholly new chain of consequence-weighing might at least make blatant disregard for legal limitations more problematic for everyone at a company like FB and so many others. It might also make the leadership hesitate more because they'll rarely be sure if an employee they asked to do something illegal isn't also gathering evidence against them as he or she violates the rules under their orders.

Punishing malfeasance by applying nothing more than fines to multi-billion dollar corporate entities as abstractions is absurd nonsense. And it's funny in its hypocrisy, considering how "tough on big corporations" is a popular politician's theme that gets votes, only to be forgotten by both politicians, and apparently, voters as well once someone is in a position to make rules with real weight.


It would be a couple of hundred million fine, but otherwise you are right. The issue with GDPR fines is that while they stop companies from continuing to do the exact same thing (because they would be fined every year until they stop) it can still be worth the fine if you gain enough market share from violating regulations.


> It’s not practical for most, but I think you can, by moving to the European Region.

Or I can’t just not use WhatsApp. It’s not like it does anything more than any of the other messaging services.


... as of 2018.


> I don't recall specific deadlines for accepting the 2016 TOS

Based on what I see in the archived article, it looks like accepting the TOS was a "roadblock" popup in the app -- you couldn't continue using the app without accepting the terms. Any accounts which hadn't accepted the terms after two years could have simply been closed for inactivity.


There was a process, you had to have a new enough client to get prompted, and once prompted there was a later option available for some amount of time before you were roadblocked. So if you were running an older version, the question becomes when did that version expire, forcing an upgrade to a version with the prompt, and then how long did you have from there to accept the terms. And, if you had an eligible account, you had 30 days after accepting the terms to opt out of the sharing.

You could probably look at the many news articles that were written back then to get some idea of the timelines. Although, most news articles weren't written with the perspective of delaying terms acceptance as much as possible.

(Also, I had meant to say I didn't recall the specific deadlines... There certainly were deadlines given specific circumstances of each account)


Is there a way to check what option is enabled on my account? Sharing or not sharing?


AFAIK, it's in the GDPR report, but was never visible otherwise (including when the opt out was offered; once you opted out, you couldn't opt in or confirm that you opted out)


I never accepted the ToS and still get the popup ~20% of the times I open the client.

Everything is still working.

I just hit "<" when it pops up.


I left before the current change. From what I gather in news reports, they're not currently roadblocking on it, but they've said they will.

For the 2016 tos, we definitely roadblocked. I think it was display it once every X days, and after Y days, you couldn't send messages until you accepted the tos, server enforced. If you still didn't accept, your account would be idle and would be deleted 45ish days after the roadblock.


Since 2016? I think you’re talking about the “business” popup which is much more recent.


I wonder: what did you and your team do most of the time? I mean there haven’t been too many crazy new features. How was privacy handled in the first few years?


My official work was server side verification. Sending codes to people via SMS and Voice. So that's evaluating new SMS/voice providers, checking that the current ones are working, tracking down issues, working with carriers to set up direct SMPP connections for SMS (which thankfully got offloaded to the FB Mobile Partner team), supporting carrier deals. Figuring out how to make it as easy as possible for users to input codes (including working to make the messages readable for platform APIs that allow automatic/assisted code entry).

But even though that's a lot of things and is super important, most days there wasn't urgent work on that, and I'm pretty good at debugging weird stuff, so I debugged a lot of weird stuff. When you have millions (or billions) of users, 'one in a million' stuff happens a lot.

Diagnosing bugs in FreeBSD and fixing them (or convincing upstream to fix them), diagnosing bugs in client platforms and finding workarounds (also trying to get them fixed, but it's hard to get a lot of movement even when bugs are general and just nobody else diagnosed it), diagnosing bugs in ISP networks and finding workarounds (almost nobody follows through on email to whois contacts, even if you're sending from @whatsapp.com), diagnosing issues in our hosting provider's network and convincing them to fix it, etc. If I had stayed longer, I'd have probably started diagnosing bugs in the FB infra and Linux, but I more or less left when we were almost done with our FreeBSD hosts and it took a while to wind down everything, so it was a good transition point to more or less not touch the service where it was running on FB.

In terms of privacy, I'm not going to say much. I think it's fair to say our goal was to only have the necessary private information to provide service. Messages aren't kept on the server beyond delivery, have a limited time frame waiting for delivery, address book is numbers only, no names, etc. Signal certainly stores less information on the server than WhatsApp. You can certainly read about our many failures (no client to server encryption, then poor encryption, and eventually good encryption) among other well reported issues. End to End Encryption took a long time to develop and deploy, but it sets a bar that hopefully other providers will meet (or exceed).


According to archive.org, it was removed sometime between Apr 20th and May 5th, 2018. Last snapshot: https://web.archive.org/web/20180420190834/https://faq.whats...

Even when the option was there, it was hidden behind the 'read terms and conditions' link.

If you missed that, there was an opt-out in Settings > Account > Share my account info. But the site implies that option is only available for the first 30 days.

And even if you, despite their best efforts, opt-out, it's a very limited opt-out:

The Facebook family of companies will still receive and use this information for other purposes such as improving infrastructure and delivery systems, understanding how our services or theirs are used, securing systems, and fighting spam, abuse, or infringement activities.


Even then, they're likely lying. Facebook collected phone numbers ostensibly for 2FA security purposes only, then immediately used them for ad purposes.

Those terms are written by engineers with good intentions, but you have to remember your data is subject to the whims of unscrupulous PMs with targets to hit ;)


I think they would have legal write those terms not engineers. Or perhaps some copywriter and then reviewed by legal.


Instead of arguing how bad WhatsApp is in terms of privacy, people would be better off by switching to more privacy respecting alternatives such as Telegram or Signal.

I know it's hard to switch if most of your friends are on WhatsApp, but you can talk to them and switch together.


I had started peddling Signal to my family members. Then Signal shot themselves in the foot by killing the SMS import functionality. SMS integration was the killer feature of Signal for bringing more people on board and get to a critical mass of users, where uninstalling WhatsApp would be a viable option.

It seems that you can still get the SMS import by first installing an old version that supported it and then upgrading (see [1]). But obviously this is only an option for techies, not moms and pops.

[1] https://github.com/signalapp/Signal-Android/issues/8887#issu...


I don't understand normal people's obsession with keeping their old SMS messages. I get that there are some cherished memories from loved ones living or passed, but, take a screenshot to be saved to the 'cloud'. And I'm even text-heavy when it comes to communication, but there are no conversations I have over SMS that are worth "re-living the moment" (in my experience). I've got Signal configured to delete any messages older than 3 months. Long-term important information isn't for SMS.

I asked my son's friends if they had each other's phone numbers in case the 'party' got split up and needed to arrange to meet at a time/landmark. They pretty much all said "we've got each others insta". Today's yoof don't SMS, so SMS integration has a decreasing lifespan.

People's lives are so busy (I know this because that's what everyone says), who's scrolling back through their SMS conversations, and why?


Well not SMS, but I am scrolling through my conversations. It’s odd, but I enjoy reliving them.


> people would be better off by switching

In the UK, everybody uses Whatsapp, from friends and family to businesses.

That won't change until communication platforms are forced to make their products interoperable with each other. I can't use anything else because nobody else does, I would not even be able to book my Dog in to the Groomers because they won't answer the phone and only respond to Whatsapp.

E2E encryption can protect contents in transit with TOS for communication platforms to join the Multi-provider network stating they cannot analyse the contents of received messages in-app.


> That won't change until

... you ask people to use an alternative. I got my entire family on to Signal about a year ago. I keep asking the BBC not to use WhatsApp. We'll see.


> would not even be able to book my Dog in to the Groomers because they won't answer the phone and only respond to Whatsapp.

Good luck getting businesses to move away from Whatsapp. I deleted my account and was able to get friends and family on Signal, but thankfully I don't have any businesses I interacted with that used Whatsapp (or Facebook). I might be missing out on products and services... But hey, at least I don't know what I'm missing. :)


Telegram is not end to end encrypted, and thus does not preserve privacy at all.

The best way to get your friends to switch messengers is to not be reachable on the bad ones: ie delete your accounts and uninstall the apps.

Retaining your account on bad platforms makes those platforms more attractive to other users and makes the world worse.


This works for some. However if the sports club of your kid uses WhatsApp to announce training times etc. your kid might miss information etc.

Even niftier: In some countries Facebook created this "FreeBasics/internet.org" scheme where access to Facebook services is free. When travelling Indonesia WhatsApp was the only way to reach the landlords of guest apartments, taxi drivers, ... not even regular SMS/text.

The strength of the network effect can be hard to break.


Tell the people in the sports club that you don't have WhatsApp and that it's rude to force parents to do business with Facebook just for their kids to play sports.

When you cave and install WA, you make it harder for the next parent, just as all the ones before you made it harder for you.

If you want to be rid of these things, you can't get there by using them because you think you have to.


The people in the sports club will roll their eyes at you because [they think] you are a tin-foil hat wearing lunatic who is paranoid about surveillance from the boogeyman. They will refuse to switch their mode of communication that works for them and everyone else for one person (you) who is just causing trouble for no reason.

The vast majority of people don't think Facebook is the abhorrent service it is, and an even larger majority don't realize WA is owned by Facebook.


> The people in the sports club will roll their eyes at you because [they think] you are a tin-foil hat wearing lunatic who is paranoid about surveillance from the boogeyman.

That's not true. A lot of people are a lot more concerned about their privacy these days.


I reply to people on Telegram when they message me on Whatsapp if they happen to have a Telegram account.


That would make a cool bot. Followed by block them on Whatsapp. One by one no more whatsapp.


Telegram, encrypted or not, is safer just because it's not Facebook. Facebook is a privacy black-hole. And whatsapp "encryption" by now it's just a marketing ploy - smartphones can't be trusted for anything privacy related.


If both ends and the server are all controlled by the same entity: it largely doesn't matter if it's E2EE or not.

You can obviously argue that they can't siphon away information at the server level; but if you don't trust whatsapp/signal/telegram at that level then you're boned anyway because they could quite easily activate the 'whatsapp web' function and exfiltrate information via whatsapp servers.

Ideally we'd have clients and servers and server operators as distinct and uncoordinated individuals, which would have to work in conjunction with each other to unravel your messages: but there's no incentive for them in place to do that.

I, a server operator, can pass encrypted traffic, that data is encrypted with clients I don't/can't control.

I, a client software developer can make encrypted traffic, but messages can only be passed on networks I can't control. (and if it didn't, this would be easy to spot).

I, a server software developer can write software which allows traffic to be passed but does not promote an operator to exfil even encrypted data.

We have this with Matrix, IRC, XMPP etc;

IMO if you're going to use Whatsapp; it's the same as if you use telegram or signal; I understand that this opinion is controversial but you're choosing convenience over security and E2E doesn't mean anything if you have one entity controlling the ends.


> IMO if you're going to use Whatsapp; it's the same as if you use telegram or signal; I understand that this opinion is controversial but you're choosing convenience over security and E2E doesn't mean anything if you have one entity controlling the ends.

E2EE is not the main concern any more for most though. Most messengers offer some form of it, and you're correct in saying it probably won't prevent the company from accessing your data. However, I think the point is about which company to trust with this sort of power. Actually, it's more like "which company is least likely to do [bad stuff] with my data?"

Currently, facebook is much higher on that list than the signal foundation -- at least in my book.


Yes, it's not E2EE by default and can't encrypt group chats.

But it has a native bot API and can handle multiple clients on multiple different devices without any issue.


WhatsApp is end to end encrypted, but it's owned by Facebook who can’t be trusted so it does not preserve privacy at all.


I’m all for competition, but if I could wave a magic wand and move the world to signal, I’d do it.

It’s not perfect, but it’s a cross-platform, free, secure, open-source communications platform. I’ll take it for now.

Given that WhatsApp uses the Signal tech (largely), I’m always surprised that WhatsApp still reigns supreme.


Whatsapp is just signal 10 years from now, I'd rather move the world to something not controlled by one company like XMPP.


Back when ICQ was a thing, alternatives like Pidgin encouraged switching by connecting to the existing ICQ network. I understand that in the case of WhatsApp, connecting to the existing network means that FB still gets hold of your data so there is no improvement in terms of privacy (at first), but it is still a step forward if convincing your friends to all switch at once is not an option (which is impossible -- your friends have friends that are not your friends, so the whole world would have to switch at once).


In India all business communications are moving to WhatsApp because everyone uses it. Even if you switch to other platforms you will be forced to use WhatsApp for business communications.


This is old news. When this change happened, there was a lot of outrage and anecdotally many people started using Telegram and Signal. But my guess is that at least some of the people who switched went right back because of network effects and because FB and WhatsApp started putting up advertisements about how this is only about the “WhatsApp business” platform and that it doesn’t impact users’ personal chats.

It seemed like a lot of people weren’t aware that this had already been happening, before the announcement to make the opt out unavailable.


This thread is full of people suggesting to just switch everyone, including grandma, to Signal/Matrix/Telegram/XMPP.

This is naive.

First of all, I'm a big fan of Signal and Matrix, but it is hard to overstate how much more polished WhatsApp is in comparison. There's just a lot more friction for grandma. There are also considerably fewer resources behind the alternatives, so things like this [0] happen (tl;dr - it took Signal over seven months to fix a bug in the Android client that would sometimes send messages to the wrong person!!)

Second, the problem doesn't end with grandma. It's the network. There are literally billions of people on WhatsApp and there are places where WhatsApp is the default method of communication for everything. Schools and kindergartens use it for announcements and to communicate with parents. Service providers give out a WhatsApp number to contact support. Friends and family are all on WhatsApp in established groups with a long history that everyone wants to keep. Trying to switch everyone over is futile. Not being on WhatsApp isn't an option. It is that big.

[0]: https://github.com/signalapp/Signal-Android/issues/10247


Reading this as an argument that more resources means bugs are fixed quicker I have to disagree, [there's][0] [many][1] [examples][2] of big bucks software productions with notable long-lived bugs in production.

[0]: https://www.socmedsean.com/solved-how-do-i-clear-the-faceboo...

[1]: https://www.techradar.com/news/ios-15-beta-still-hasnt-fixed...

[2]: https://www.reddit.com/r/beta/search?q=video+player&restrict...


Fair point. To be honest, I hope that such a bug could have remained open for 7 months because of insufficient resources. Any other explanation is even worse.


I do not think WhatsApp is very polished. It does not have a desktop client and when you use the web client you get an annoying notification on your phone which you can't dismiss. Additionally it is quite hard to find things in the preferences and there is no way that I know of to copy a phone number from a group chat without adding that person to your contacts.

On level of polish I would say WhatsApp and Element are the same (i.e. rough) while Discord is more polished. I do not like Discord and their business but they have created one of very few polished chat clients.


> Not being on WhatsApp isn't an option.

It's an option for me!

When they were launching, and for most of their first couple of years, Whatsapp spammed the bejaysus out of me. My mummy told me never to play with spammers.


Signal and Matrix aren't ready for grandma adoption.

Out of all the non-whatsapp choices, Telegram is the least bad (yes, no E2EE, relax) and is something you can actually get your boomer-aged parents and their parents to use with very little help.


I think the adoption of Telegram versus Signal (around 10x) really goes to pretty plainly demonstrate that the average user's priorities are not the same as the average HN user's priorities.

Even ignoring the network effect, for most people the user experience is a _much_ higher priority than things like E2EE. And the trade-offs Signal makes in the way they've implemented E2EE (e.g., if you drop your old phone in a toilet, change your phone number when you get a new phone, switch between iOS and Android, etc, you just... lose your entire message history) are just not acceptable to the average person. I suspect many people would not believe how many people I've heard complain about Telegram because the _stickers_ apparently aren't as nice as things like WeChat.

I'm fairly certain that long term the push to move non-technical users to Signal is going to wind up doing more harm than good. It's being sold as "good for privacy because it's E2EE". People are going to use it, have poor experiences, and then drop it. The next time someone says "use this app because it's good for privacy and has E2EE" it's going to be a much harder sell trying to overcome "Yeah, but the last time I tried that I lost all the message history with my deceased daughter when I bought a new phone."


Good news - you should be using Signal anyway


Centralized services will all suffer the same fate.

XMPP was the correct answer 20 years ago, and (with an encryption layer) it's the correct answer now.

Matrix and activitypub are also valid answers.


I'm not sure what makes you the authority of valid answers in this topic but as someone who has tried moving their extended family to Matrix, I'd take that option with a grain of salt. It's a lot more complicated than choosing the objectively best product.


I'm curious why I frequently hear that Matrix/Element are more difficult to use than Signal, Telegram, Whatsapp, etc.

I set it up for my elderly parents who just got their first smartphone a few months ago, and it's been going very smoothly.

What are the complications that others seem to be having?


Signal, Telegram and WhatsApp, "just work", and it's zero effort to download, sign up, find contacts and start chatting. Matrix/Element is "good enough", but there's a lot of friction for each of those steps. Even I, as a technical person, get frustrated that there's some problem with my Matrix server every few weeks that I have to spend my time troubleshooting, sometimes missing timely messages because of it, or at least losing time that I'd rather be spending on other things.


> there's some problem with my Matrix server

Yeah, but grandparents (or whoever you are trying to introduce to Matrix) are not supposed to set up and run a Matrix server. If you meant that as an end-user you are having issues with the server you are on, perhaps you should use a different one. I have been using Element for quite a while now with matrix.org as my server, and I did not have any problems with the server I am on. The client is indeed buggy a bit[1]. Some bugs have been fixed since then though. If you run into bugs, report them please.

[1] There are many clients now for Android alone, for example, from F-Droid. Perhaps they are less buggy. I do not know.


It's not that I don't know how to solve the problems I face, it's that using Matrix requires more problem solving and has more friction, and that's one big reason why it's not the most popular choice.


No it does not. I just created an account at matrix.org and it worked fine. Does their client have bugs? Yes, but most chat clients have bugs. The only chat clients which have given me extra headache are WhatsApp (trying to get their web client to work and trying to stop them from scraping my address book), weechat (it is good but a bit non-obvious how to configure), Teams and Skype.

Edit: I forgot Google Hangouts which is very buggy and where it is almost impossible to add new contacts.


Like I said: not necessarily. I did not have any issues with it for a very long time. I did no problem solving. It is achievable in most cases. Stick to well-known clients and servers.

Again, there may be bugs. They will get fixed. It happens all the time with any software. Element is maturing. It is really easy to just download and use without any problems.


The more technical people in our group tried to register accounts but we were never able to "find" or message each other. It was orders of magnitude more difficult than getting started with telegram or signal. Don't get me wrong, I do want to use Matrix, it was just not feasible at the time. I do know that it's technically the more sustainable choice.


I see. I've only added contacts in person via QR code. I guess it would be more difficult without that.


Yeah, you just do a single click on "+" (which says "Start chat"), and then it says on top "Start a conversation with someone using their name, email address or username (like @foobar:matrix.org).", so you just type in @username:server. Is it difficult? Could it get any easier? There might be other ways as well, such as the one you mentioned.


Apparently there are more ways! You can provide your phone number so people can find your Matrix ID from their pre-existing contact phone number.

Seems like it has everything a non-technical person would want.


Only marginally, it is still very easy without the QR code.


There are much better alternatives.

XMPP, Matrix (Element), Wire, Briar, Ricochet, whatever.


Good luck onboarding one's grandma to any of those.


> Good luck onboarding one's grandma to any of those.

Huh? Just do it. Install it, then help her if you have to, similarly to how you introduced WhatsApp (or whatever else) to her, for example. They may not like change, but if they are capable of using another piece of IM software, they are capable of using any of the mentioned ones.

I installed Linux for many people who have never seen Linux their entire life. On some occasions I explained how to do something, and that was it.


> Just do it. Install it, then help her if you have to, similarly to how you introduced WhatsApp

I think the point is that you don't need to help her for apps like WhatsApp, they manage to figure it out because it's simple enough.


Element, Briar, and Wire are very simple, too. You can use the same method you did with WhatsApp, even if it was just as simple as "Download X from the Play Store, sign up, login, and tell me what username you picked".


I as a tech user have had issues with getting WhatsApp to work. Much more than I have had with Element.


https://quicksy.im/ or just help her set up an account and install a client.


Signal seems too good to be true. If anything is perfectly private/secure it won't be allowed to exist due to regulations or government agenda (which creates these regulations). Just like any crypto with anonymous protocols never get listed on exchanges.


> If anything is perfectly private/secure it won't be allowed to exist due to regulations.

Why?

I was under the impression that these days the NSA and other government agencies prefer perfect security since if they can crack the security then other governments could too. By forcing imperfect security the US would give up a large part of its advantage.


Except Signal is shit for groups


Is it? I found it to be good enough for most purposes. What is shit about it?


Agreed, works great for my groups!


Not op but the worst thing about groups is how you can't properly mute them. It would be fine if you could have more than 4 pinned conversations but that's oddly not a thing yet: https://community.signalusers.org/t/allow-for-more-than-4-pi...


Moderation tools are lacking compared to, for example, Discord and Telegram. Also no bots, which is an issue for many communities.


UI


No surprise at all, having user data is FB's core business, they need to do this to earn money. Google's core business is displaying ads, so don't be surprised that one day you'll wake up with a Chrome browser update in which adblock will no longer work.


This was a canary, it’s over now all your data will be shared with the FBI for sure.


Funny - I also read the headline as "FBI" not FB as in Facebook


You’re still right, in a Meta sense.


I see what you did there :)


so does Meta.


    Every post you make
    Every pic you fake
    Every mouse you shake
    Every proof of stake
    I’ll be watching you


The government has a secret system that spies on you every hour of every day


It was FBI.


I dumped WhatsApp within a few days of when FB said they would be changing how WhatsApp deals with user privacy. A lot of other people did too. I'm happily now on Telegram.


Telegram is now going to force ads and block apps that don't show them..

And their chats are not even E2E encrypted except their 'secret chats' but they work only on one device and don't work in groups.


I don't like ads either, but they're only going to be in channels, not in groups and private conversations. And if someone really wants to block ads, there are alternatives:

* Build and install a custom client with your own API key, and don't share it with anyone

* Use an Xposed module (already exists) or Cydia tweak if you're willing to root/jailbreak your phone

As for the encryption, it depends on your threat model. Yes, full E2E by default would be ideal, but even with their default cloud encryption they're probably a lot more trustable than Facebook & co. According to their FAQ, the data is scattered across servers in multiple jurisdictions, so a lot of governments would have to team up to get any data out of them.

But also, how do you handle convenient cloud backup/sync with full E2E? WhatsApp and Viber both constantly manage to lose messages for me when restoring after a device reset or switch.


> As for the encryption, it depends on your threat model. Yes, full E2E by default would be ideal, but even with their default cloud encryption they're probably a lot more trustable than Facebook & co. According to their FAQ, the data is scattered across servers in multiple jurisdictions, so a lot of governments would have to team up to get any data out of them.

Well, with WA I know they won't have access to it, except the metadata. With Telegram I have to trust that they are probably more trustable.

And yes I know the metadata is more valuable anyway to the likes of FB.

But yeah the ads are going to be in Channels for now, I don't even use those. But I doubt it'll stop there. For me it's a bit like a bridge they cross that leads to a dark path. I don't mind paying for a good chat service but not with ads.

> But also, how do you handle convenient cloud backup/sync with full E2E? WhatsApp and Viber both constantly manage to lose messages for me when restoring after a device reset or switch

I don't really care about backing up my messages. But I send all my chats through Matrix now (with Bridges) so it keeps a log for me there (but on my own server). But I have not seen this kind of issue with WA in the past when I did use that feature.


Why not just use Signal instead?


Bad tools for moderating large channels, no bot support.


I don't know about the moderation tools for large channels, but bots should be possible: https://github.com/AsamK/signal-cli


Well bots are "possible" even for WhatsApp, that doesn't mean they are actually supported.

Having to use patched libraries and burner phones for SMS verification isn't really something I want to get into =)

Compared to Telegram and Discord where basic bots aren't a lot more than a fancy curl call, this is just bonkers.


When the new ToS event occurred, I tried contacting WhatsApp to delete my account and my data. Their answer was that I could submit that request through the App. But accessing the app required accepting the new ToS. I couldn't get through to the support person that this would violate the whole reason I wanted to delete my account.


What was the answer before it was removed?



It's a shame that the most nefarious companies succeed over and over again.


It's not a shame. It's capitalism working as intended.


Lots of people dropped WhatsApp soon after FB changed their user agreement. I migrated to Telegram. But not sure if it's any more secure.


At least it's not Facebook.


WhatsApp is more secure


WhatsApp is not secure.


This is not true, unlike Telegram, WhatsApp has a reasonable model for E2EE and it's enabled by default. The UI is lackluster and it really should scream more when contacts' public keys change (to prevent MITM attacks), and it doesn't protect metadata such as your contact list at all, but all of that is still better than Telegram, which offers no encryption for group chats at all.


> but all of that is still better than Telegram, which offers no encryption for group chats at all

I think Telegram (group) chats are encrypted, just not end to end.


Transport encryption is table stakes. It's really no longer something that can be mentioned as if it were something special. When I browse to a random website I don't think “wow HTTPS, so secure”. The channel client <-> service is encrypted, but the service still gets all of the data in plaintext.

On a technical level, Telegram is as secure as Facebook Messenger. Both offer transport encryption and optionally E2EE secret chats. Actually, I might trust Facebook more (on a technical level) because they don't have Telegram's disastrous history with home-brewed crypto protocols.


The thing with E2E encryption, is it really verifiable? Has anyone actually gotten/extracted the WhatsApp secrets and then checked that what goes in one end comes out the other fully encrypted, systematically?

After all, everything goes through WhatsApp's proprietary clients and servers, we don't know what voodoo they do along the way. Just because they claim it's E2E encrypted, doesn't really make it so, I'd imagine. Has their E2E encryption been confirmed independently?


They had Moxie Marlinspike, who is behind Signal, audit their encryption code. Of course, we can't know if the code they let him audit is actually the code that gets deployed, and it's also been a few years since then, but the E2EE has been independently confirmed.


> This is not true

The fact that I receive advertising in FB for things discussed in a 1:1 chat in WhatsApp, minutes after discussing them, means it's not secure. E2E is end to end, not end to FB to end.


Maybe the other E has been googling about the thing you discuss. Metadata is an important flaw, they don't need to compromise the E2E communication to track/profile you.


What keyboard are you using?


Not true. WhatsApp uses the same E2E encryption as Signal.

The only place it doesn't use it, is when you are talking to WhatsApp Business users, as the business API needs access to the messages.


> WhatsApp uses the same E2E encryption as Signal.

Did you see the source code? Or do you trust Facebook?


Wow, lots of FUD here. Well, keep downvoting and telling people to install a messaging app without end-to-end encryption if you want. Doesn't make you right.


I didn’t tell anyone to install anything. I just said WhatsApp is not secure. Because it’s not.


Whatever. Hoping to dump WhatsApp this month for Telegram


404


Old habits and mindsets never seem to change despite corporate pronouncements and PR puff pieces written by stenographers. The regulators (and legislators) are either the biggest dupes, or much more likely in on it.

Let’s not forget the FTC hookup for Netflix by Obama and the eventual payout when he left office.

Or Ajit Pai who came from Verizon to run the FTC and undid the Obama era changes favorable to Netflix and inimical to Verizon.

——-

I hardly see any of these events as triggers for the mass migration to apps like Signal. The network effects seem impregnable for now.


Earlier this year, when the change was announced and the media talked about it, I saw a ton of people starting to use Signal (non-tech neighbours, my plumber, headhunters I still have in my contact list, etc). At this point I asked my mother to install it and to my surprise a lot of her friends were actually on Signal.

It's still not the majority but at this point there is a significant user base for Signal, much more than one year earlier.


But are those people still using it?

I saw a lot of those messages too around that time but since then most of them have moved back to WhatsApp as most of their contacts are still there.


A lot of them left after being frustrated with problems faced while trying to use Signal and failing which trying to help others use Signal.


What does “move back” mean? Almost nobody uninstalled WhatsApp (even I use it frequently) or stopped using it. But they have installed Signal and can now be reached this way. My mom uses it to chat with her friends who have it, and uses WhatsApp for the rest. I don't know anyone who has actively uninstalled Signal so far, so I use it by default to connect with them. If you compare this to emails, none of my friends ever bothered to create a non-Gmail address, so I'm stuck with Google reading all my personal communication with nothing I can do. It used to be the same[1] for WhatsApp, but no more. This is a small victory, but a clear victory nonetheless.

[1]: not exactly the same, because AFAIK WhatsApp is E2E encrypted, but Facebook still has access to all the metadata, which is way more than what I want them to have.


Yes. But the WhatsApp groups are impossible to move. I created the same group on Signal. Nothing, two people moved. Even in my office, a technocratic environment for sure... People won't move. We need a stronger motivator to move them or we need to make moving "seamless".


I chuckled when our daycare had a lengthy discussion about data privacy and, twenty minutes later, asked every parent to join the WA group.


I joined a few orgs fighting for a systemic change, understanding the decisions process and be a part of it, more collective life in support of all the discriminated people and a more ecological way of life. Left-leaning stuff.

All the public communication happens on Facebook, Twitter and Instagram. Private comms are on whatever those platforms have, or Telegram and Discord. Only a minority have Signal and most don't want to hear about it.

When I tell them there's an internal issue because you can't change the world and give more power to the people by using anti-users tools like those, they look at me like I'm from another planet. There's a long road ahead.


> I joined a few orgs fighting for a systemic change, understanding the decisions process and be a part of it, more collective life in support of all the discriminated people and a more ecological way of life. Left-leaning stuff.

That's fascinating, because when I joined similar groups last year, they all emphasized using Signal for private comms. They were, in fact, the only people I talked to on Signal, because nobody else I knew really used the app back then.

Perhaps there's a stronger privacy culture in some activist groups versus others.


From my very little experience there are a few categories:

- groups where privacy is a matter of personal security will actively use Libre Software and their own services because it's just too important

- groups emerging from the technical world will naturally adopt Libre software and decentralized services because tech doesn't scare them

- everyone else comes from a world where FB/Twitter/Instagram is the norm, so when they group together on issues related to the physical world they will continue to use the digital tools they are used to

There is a real work of deconstructing our tools and the prevalence of big tech in our digital world, just like there was a necessity to deconstruct the position of white males in a patriarchal, occidental society.


I had that issue here too in an org here in the Netherlands.

I was working on the tech end, and a lot of our time was spent transferring events from Facebook to other platforms by hand. I asked, "Why are we on Facebook? These guys are completely against us!" and everyone looked patronizingly at the old guy and said, "We need to get our message across in every platform!"

They were completely clueless, and I loved them, but I had to leave.

In particular, there was one guy working with us who had spent their whole lives working for [large company directly opposed to this org].

I asked him once in passing when he left and he didn't answer. I thought nothing of it, but he started to refuse to answer other questions - not in a hostile way, just always changing the subject.

Then I talked to someone else, and this guy had tried to sneak himself in as a "superadministrator" in another project, even after he'd been explicitly told not to. They asked him about why he did that, and again, he just acted as though he had never been asked.

More of this stuff happened. Particularly, the whole "gaslighting and pretending you never answered the question" got to me.

Eventually I brought this up in a meeting with a few people in charge. Everyone thought I was crazy - but trying to hack into a system and then refusing to answer questions, and being thrown off that project?

I left.

The worst part was I liked the guy, and we never argued or anything.


That's an interesting point of view, and a paranoid person would question the true motives of such a person in that org: were they in for the collective? For personal gains? Working as an agent for a third party?

> I asked, "Why are we on Facebook? These guys are completely against us!" and everyone looked patronizingly at the old guy and said, "We need to get our message across in every platform!"

This is actually a point I totally agree with: you have to talk to people where they are, especially when they don't already agree with you. But in my opinion it sends a wrong image and such orgs should use Libre Software and decentralized networks first, and only on top of that use FB/Twitter as a copy-paste of the main platforms.

There's a very important step to do that is to categorize who your target is. Basically it's a bunch of concentric rings: those who agree with you, then those who are questioning and need a bit of information, then those who aren't thinking about the subject yet... you have to convince those around you, who will convince those around them, and on and on. In that vein, sticking to decentralized platforms first and gradually growing makes a lot of sense


Indymedia had a collection of global mailing lists, run using private mailservers with no logs, and a private (encrypted) IRC server (with a web interface, and also with no logs). Nearly everyone in Indymedia operated under a pseudonym. But over the course of the noughties, most activists moved over to Faceache.

I never understood why activists would adopt pseudonyms, but refuse to use the (relatively) secure communication channels we provided, in favour of Twat and Faceache. Being involved with Indymedia was risky - it was infiltrated by undercover cops, and some of the people posting to the newswire were probably involved in criminal acts (e.g. criminal damage).


In the Whatsapp group, you don't have to share anything about yourself or your child that you don't want to. The daycare might only post very generic info about opening times, events, etc, or it might be one used only for parents to communicate among themselves, at their option.

Facebook know who is in the group and what they post but none of it is necessarily confidential information.

On the other hand, the daycare as part of their operations know lots of details of your children's development, health issues, allergies, mental health, educational attainment and special needs. They know if you are getting divorced, who has custody, if there are dangerous people in the child's life and so on.

Is keeping this private really in the same ballpark as choosing to have a WA group or not?


The fact that the bar for data privacy should be very high for the daycare shouldn't diminish the need for data privacy in the daycare-recommended parent group.

I've broken contact with a reasonably tech-savvy part of my family. I have to decide between being informed about current events and hoping the next Meta leak doesn't have my full name, number, hometown, and possibly group memberships.


Most people are not like you.


Let's turn your question on its head: if using an application fighting to keep users' privacy as high as possible, such as Signal, is just as easy as using WhatsApp, why use the latter?


The premise of your question is obviously flawed: it is not as easy. The precise reason why WA is used is that it's easier, because vastly more people already have it installed.

But anyway, it's just not a priority for a daycare.

Guaranteeing that for example staff don't respond to enquiries about children's health unless it's from the parents is a priority.


I sometimes wonder whether there is any purpose to it in the long term. If/when Signal becomes big enough to be used by a lot of people, they will want to monetize too and the governments will become interested in monitoring messages there too.

It just feels futile. As long as companies need to turn a profit and governments can surreptitiously surveil their citizens there's no long-term solution. We can move to the next platform until that becomes popular (and hence worth monetizing and surveilling), then the next, repeat.

It's a technical solution to a political problem.


A decentralised, trustless future perhaps?

I'm semi-conspiratorial, semi-fatalistic about society's ability to change politics politically / non-technically. There are too many who are too apathetic (and I might even be one of them by already being semi-fatalistic) that anchor the current system in perpetuity. My conspiratorial side says this is by design, whilst my fatalistic side says it's human nature (essentially Hanlon's razor).

Revolutionary change is often a case of "it" getting (a lot) worse before it gets better, but with the inevitability of returning to the previous status quo just with different bums on the same seats. (I've previously stated my desire to write a novel based on this concept in order to try and explore the inevitability, or otherwise, of this 'revolution for nothing' and the changing priorities of individuals as their levels of power increase from zero to monarch and how that may just be a limitation of civilisation).


> There are too many who are too apathetic. Revolutionary change is often a case of "it" getting (a lot) worse before it gets better, but with the inevitability of returning to the previous status quo just with different bums on the same seats.

The problem with this is that you have far too many keyboard warriors who read clickbait headlines and decide they want to change the system.

The people actually working in that system have decades of knowledge about how it works. That isn't always a bad thing. They may understand how to navigate a complex system to get the real change you want, to actually happen.

Imagine if people in this "decentralized, trustless future" saw a YouTube video of an aircraft landing and came to the conclusion that they didn't use enough rudder on landing, without understanding the nature of a 25 knot crosswind.

They'd vote, the pilots would be fired, and aviation safety would drop another notch because the people voting didn't understand the scope of what they were voting on, because they weren't trained pilots.


I was referring to a potential way that messaging could avoid the ongoing pendulum between small, independent and as-yet un-tainted by snooping platforms and the large, popular, privacy invasions they eventually turn into because of their centralised control.

I wholeheartedly do not believe in making aircraft safety a democratic process.

Horses for courses.

Winston Churchill's quote: “…democracy is the worst form of Government except for all those other forms that have been tried from time to time…”


> I wholeheartedly do not believe in making aircraft safety a democratic process.

But if I read you correctly ("society's ability to change politics") ... this is how the US got things like January 6th.

It's completely destabilizing for a functioning democracy when relatively small groups of like-minded people can coordinate over private channels and rally themselves into something crazy.

The reason politics "works" (and I use that term lightly these days) in this country is because things are all done out in the open.

If you don't like "snooping" and would prefer our politics be done in the dark ... that isn't freedom, that's back-channel politics. We don't want that, I don't care if the left or the right is doing it.

I am actually in favor of E2E encrypted chats and the like. But we need to keep politics out in the light of day. If you want to change the system, run for office.


> I am actually in favor of E2E encrypted chats and the like. But we need to keep politics out in the light of day.

That aligns with my position. I fundamentally believe in the necessity of transparency in politics. What I don't believe in is the necessity of government / law enforcement snooping on E2E encrypted chats.

I don't want back-channel politics, I want back-channel private conversations amongst the citizenry. If this enables some back-channel politics then that's a price I believe is worth paying partially due to the fact that the end results of political decisions and actions are, by necessity, public.

Politicians should, by policy, have their political communications recorded (not made public, but archived "just in case") since they're working for the public. Those who avoid such scrutiny should be named and shamed if it can be proven. Utopian, I'm aware.


"A decentralised, trustless future perhaps?"

I think we need a DNS-like service that simply hold small encrypted blobs, just big enough to contain an IPv6 address.

When you "add" someone to your list of contacts, you are giving them the key to decrypt the blob that you update with your IP. (Complications ahoy here but this is the basic idea.)

That way, people can message your phone/computer-of-choice direct with whatever E2E protocol you want. No middleman.

Then you need an app layer built on that to manage messaging, video calls, group chats etc. But that app layer could be open and free. People often like some XML based protocol from the 2000s, but as long as it is secure - whatever.


There's so many issues with this. The biggest being the need to be online at the same time.

But other issues: using it from multiple devices? Using it from different locations?

Maybe it'll work with a Tor hidden service or something because at least that stays the same (I think some chat apps already do that)


The part here is a "DNS for all" approach.

Once you have that, everyone can run their own hosting. Everyone could have their own Matrix server, or whatever flavour of messaging you want.


You may be interested then in The True Story of Ah Q by Lu Xun.[0] There is also an adaptation by Christoph Hein that is quite good.[1]

[0] https://en.wikipedia.org/wiki/The_True_Story_of_Ah_Q

[1] https://de.m.wikipedia.org/wiki/Die_wahre_Geschichte_des_Ah_...


Signal is developed by a non-profit and is open source, they have a higher chance of staying independent. With the cost of cloud services dropping hopefully there is less of the back-pressure to monetise


I’ve always assumed signal was a honeypot. They publish some source code but obviously we can’t verify the actual code running on iOS or (I assume) Android devices am I right? It seems like publishing open source could be a smoke screen. When they push code to devices they could link in alternate libraries that do whatever they want. They may even be able to push special code to targeted phones, avoiding detection by security researchers.


If this is your threat model, you can sideload the app instead of installing from the app store. This way, you can verify that you have the same app as everyone else and have not fallen victim to a supply chain attack.

Ensuring you received an unmodified phone without a nefarious operating system or baseband is probably harder.


> If this is your threat model, you can sideload the app instead of installing from the app store.

Not on iOS.


If they'd care to publish it on F-Droid they'd have reproducible builds. But alas they don't.


> They publish some source code but obviously we can’t verify the actual code running on iOS or (I assume) Android devices am I right?

No, they have reproducible builds.

Everything else you said applies even more to other apps, not sure why you think Signal is more suspicious in that regard. But with reproducible builds and the .apk they have on their website, you can check that the source matches it every time you update, which is not something you can do with most other apps.
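The check described in the comment above, sketched as an added example (not part of the thread and not Signal's own comparison script): compare a locally built APK with the distributed one entry by entry, skipping the v1 signature files that only the publisher's key can produce. The archives, entry names and contents below are constructed for illustration.

```python
import hashlib
import io
import zipfile

# v1 (JAR) signing files live under META-INF/ and depend on the publisher's
# private key, so a local build can never reproduce them. v2/v3 signatures sit
# in the APK Signing Block, outside the zip entries, and are not visited here.
SIGNATURE_SUFFIXES = (".RSA", ".DSA", ".EC", ".SF")


def is_signature_entry(name):
    """True for the entries that carry the v1 signature rather than app content."""
    upper = name.upper()
    if not upper.startswith("META-INF/"):
        return False
    return upper == "META-INF/MANIFEST.MF" or upper.endswith(SIGNATURE_SUFFIXES)


def entry_digests(apk_bytes):
    """Map each non-signature entry name to the SHA-256 of its uncompressed data."""
    digests = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as archive:
        for info in archive.infolist():
            if info.is_dir() or is_signature_entry(info.filename):
                continue
            if info.filename in digests:
                # Two entries with one name make "which one is loaded" ambiguous.
                raise ValueError(f"duplicate entry: {info.filename}")
            digests[info.filename] = hashlib.sha256(archive.read(info)).hexdigest()
    return digests


def compare_apks(built_bytes, distributed_bytes):
    """Report every content difference between a local build and the shipped APK."""
    built = entry_digests(built_bytes)
    distributed = entry_digests(distributed_bytes)
    report = {
        "only_in_built": sorted(set(built) - set(distributed)),
        "only_in_distributed": sorted(set(distributed) - set(built)),
        "content_differs": sorted(
            name for name in set(built) & set(distributed)
            if built[name] != distributed[name]
        ),
    }
    # The build is reproduced only if all three difference lists are empty.
    report["match"] = not any(report.values())
    return report


def make_sample_apk(entries):
    """Build a small in-memory zip standing in for an APK (constructed sample)."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w", zipfile.ZIP_DEFLATED) as archive:
        for name, data in entries.items():
            archive.writestr(name, data)
    return buffer.getvalue()


# Constructed sample contents: a local build, the same app as distributed
# (signed), and a distributed copy with one changed and one extra entry.
LOCAL_ENTRIES = {
    "AndroidManifest.xml": b"<manifest/>",
    "classes.dex": b"dex-from-published-source",
    "lib/arm64-v8a/libnative.so": b"native-from-published-source",
}
SIGNING_ENTRIES = {
    "META-INF/MANIFEST.MF": b"Manifest-Version: 1.0\n",
    "META-INF/CERT.SF": b"Signature-Version: 1.0\n",
    "META-INF/CERT.RSA": b"publisher-signature-bytes",
}
LOCAL_APK = make_sample_apk(LOCAL_ENTRIES)
DISTRIBUTED_APK = make_sample_apk({**LOCAL_ENTRIES, **SIGNING_ENTRIES})
ALTERED_APK = make_sample_apk({
    **LOCAL_ENTRIES,
    **SIGNING_ENTRIES,
    "classes.dex": b"dex-with-something-else",
    "assets/extra.bin": b"not-in-source",
})

if __name__ == "__main__":
    print(compare_apks(LOCAL_APK, DISTRIBUTED_APK))
    print(compare_apks(LOCAL_APK, ALTERED_APK))
```

Digests are taken over uncompressed entry data, so a different compression level alone does not register as a mismatch.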


> they have reproducible builds.

Ah, I see on Android they do. Not iOS according to an open GitHub issue since 2015.

I am suspicious of Signal because everyone says "use Signal it is secure" and it is popularly known for this. Because of this reputation for security, users will get comfortable and talk about their illicit activity, which makes it an attractive target for power brokers the world over. Every app could have this problem, but Signal is the one everyone keeps saying is secure, so it's the place people will spill their secrets.

Reproducible builds on android look cool, but I wonder if there are other threat models on Android than dishonest builds of the program itself.


BTW I just learned that you can set up Amazon Smile to pay Signal - .5% of your purchases goes to them as a donation. https://smile.amazon.com/ch/82-4506840


>If/when Signal becomes big enough to be used by a lot of people

I think people (including the government) noticed it a long time ago.

From 2015:

'According to CNN, "[t]he same technology that keeps a conversation private between you and a family member also gives a safe haven to a terrorist in Syria and the person in the United States he's trying to recruit to commit an act of mass murder."'

https://en.wikipedia.org/wiki/Signal_(software)



Do you have any links about the Netflix assertion here?


> The regulators (and legislators) are either the biggest dupes, or much more likely in on it.

https://www.reuters.com/technology/irish-data-privacy-watchd...


Ajit also undid the new tariffs that were about to be implemented for jails and prisons to avoid some inmates paying $50 for a 15 minute call to their family. Fuck Ajit.


I'm all for hating on Ajit, but from a cursory look at the prison case, the FCC just never really had the jurisdiction to regulate intrastate calls and repeatedly lost in court on that question. There was already a 50 cent cap on interstate calls under Pai, and this year under Rosenworcel it's been lowered to 14-21 cents[1].

Am I missing something?

[0] https://arstechnica.com/tech-policy/2020/07/ajit-pai-urges-s...

[1] https://www.prisonlegalnews.org/news/2021/sep/1/fcc-takes-fu...


That he still probably did it to benefit one or more companies.


Last I checked, Signal still needs a phone number, so that is an issue. Lots of people use smartphones with no SIM hooked up and Wi-Fi only. I was using Wire for a bit, but my 2 contacts were forcibly signed out and the password and password reset do not work; the only option is to start a new account, and now they too were asking for a phone number. So onto something else, I guess.


You can have it seems a text to any number to verify so even a dumb mobile phone would work.

Though I totally agree linking an IM account with a mobile number is bad. There's benefits too like discoverability and ease of use but I prefer something where I could be anonymous and have multiple accounts.


Yes, Signal requiring a phone number is the problem, and the only reason why I am not using it. In the last 10 years I have lived in 4 different countries, each time switching phone numbers. It is stupid to use such an unstable number as identity. My e-mail address has remained constant during the whole time. And I do like to have different addresses for different groups of people.


I'm not familiar with those two FTC snafus. A couple of links would be helpful and appreciated.



