The acquisition of WhatsApp by Facebook will not change its approach to user privacy, CEO Jan Koum reassured users in a company blog post Monday. In the post, "Setting The Record Straight," Koum said the app did not collect basic user information in the first place and that even if it did, its privacy protections would remain unchanged, ensuring that user data
is not viewed as a commodity.
"You don't have to give us your name and we don't ask for your e-mail address," he said. "We don't know your likes, what you search for on the Internet or collect your GPS location. None of that data has ever been collected and stored by WhatsApp, and we really have no plans to change that."
The $19 billion acquisition of WhatsApp by Facebook is one of the largest in history, particularly within the tech sector. Due to the sheer size of the deal, many privacy experts concluded Facebook would likely exploit the messenging app's user data.
One thing WhatsApp users have said they liked about the service is the privacy it provides. Although there is a significant amount of metadata collected by the app, messages themselves are generally considered to be private since they are not stored. This means that, at least in comparison with regular text messaging apps, conversations on WhatsApp are somewhat private and secure.
Koum's blog post centered on his promise that all of WhatsApp's pro-privacy policies users have come to expect would not go away.
"If partnering with Facebook meant that we had to change our values, we wouldn't have done it." Koum said. "Our fundamental values and beliefs will not change. Our principles will not change. Everything that has made WhatsApp the leader in personal messaging will still be in place."
A Lot of Data
WhatsApp collects more information about its users than is mentioned in the short blog post, which leaves the impression the app knows almost nothing about its users because it does not record e-mail addresses, locations, names and other basic information. However, metadata and phone numbers are being scooped up by the messenging service.
In January, Dutch and Canadian privacy authorities said after a joint investigation that the California-based WhatsApp had violated the two countries' privacy laws by collecting and storing non-user information. On phones other than those running iOS 6 or later, users must grant access to their device's entire address book before they are able to use the app.
"Both users and non-users should have control over their personal data, and users must be able to freely decide what contact details they wish to share with WhatsApp," said Jacob Kohnstamm, chairman of the Dutch Data Protection Authority, in a report. The report said WhatsApp has committed to fix the issue, but there was no timeline for the fix.
Privacy researcher Runa Sandvik has found that the app periodically accesses a user's address book and copies phone numbers. Even though names are not collected with the numbers, WhatsApp still has enough information to create general profiles of users and the people with whom they chat.
Other data are collected and stored for reasons WhatsApp has yet to make public. Whenever a user contacts someone with the app, Sandvik found, contact details from both parties are stored and the time and date of the conversation are also recorded. So while WhatsApp may not have plans to exploit user data, now that Facebook owns the company, there is a lot of information Facebook could access.