A few weeks ago a report on a possible backdoor to WhatsApp messages caused more than a little excitement for users of the popular app. Security experts in the know disagreed with The Guardian report, and WhatsApp has also denied the reports in a company statement. Now there's a new WhatsApp controversy to contend with: WhatsApp is continuing to provide user data to the authorities.
Basically, it should not be a big surprise that companies such as WhatsApp, Facebook or Google (to name only a few) are continuing to transfer user data to the authorities. This isn't even the conspiratorial will of the companies, just the legal status quo for many countries – like the USA.
About two weeks ago, WhatsApp was put under the spotlight by The Guardian. The newspaper reported on the existence of a possible backdoor that would enable various government authorities to tap into encrypted messages. Security experts have disagreed with The Guardian's interpretation, and WhatsApp has also denied these claims.
A recent article from Forbes does indicate that WhatsApp continues to pass on user data – which, as we've already mentioned, is not a huge surprise. The most exciting thing about this whole situation is exactly which data is concerned. Because there have been no official statements from WhatsApp on this subject, a Forbes journalist has gone through the courts to source the necessary information and has hit the big time.
On being made subject to a court order, known in the US as a Pen Trap Order, WhatsApp collated and released the metadata. The data collection does not contain any message content, but rather data on which users the monitored account has communicated with, the frequency of the contact and also the transmission times for the messages in question. IP addresses and location data can also be captured as part of these monitoring activities. Each individual investigation has its own scope, and in such cases WhatsApp is not allowed to notify the affected users that they have been monitored by the authorities.
The court records indicate that WhatsApp apparently doesn't actually retain a huge amount of data. Even before the large-scale rollout of end-to-end encryption, it was difficult to access message contents because they were deleted from the WhatsApp servers after being delivered to the recipient. Since WhatsApp now encrypts messages, their content can no longer be accessed.
The parent company, Facebook, incidentally is also open to receiving such requests from governments. As encryption is not used in this particular case, there are hardly any barriers preventing the authorities from accessing this information. Forbes reported that they had seen documents that show the kind of user data that Facebook will actually pass on: private messages, activity statistics, likes, contacts, even rejected friendships.
A lawyer for the American Civil Liberties Union (ACLU), Neema Singh Guliani, told Forbes that the metadata shared by WhatsApp is sufficient to draw a picture of a monitored user's activities. It's not even necessary to store metadata, as the messenger doesn't retain it, so afterwards hardly any information can be picked up about the users.
What is particularly astonishing is the WhatsApp Information Policy: Facebook regularly publishes transparency reports that contain information on government requests. WhatsApp, in contrast to Facebook, is only able to pass along a small amount of data and behaves as if its lips are sealed. Needless to say, neither Facebook nor WhatsApp wanted to comment on the details of the Forbes article.
The Forbes article highlights the gray areas which accompany digital communication: the data transfer arrangement initially concerns mainly suspects in criminal matters, but it is also much too easy for the focus of these investigations to become unscrupulous. The authorities' need for clarification should not be ignored – the Forbes report does point to legal actions against drug crimes and terrorism, among other things.
Ultimately, it's up to the users to draw their own conclusions on data transfers to government authorities. Many alternatives to WhatsApp and Facebook Messenger are available, but they are often lacking in features. That's a shame as these are often the only apps available that can ensure that private data remains just that - private.
What are your views on IT companies transferring user data to the authorities? Under what circumstances do you think that this should be allowed? Let us know in the comments below!