Those two privacy promises are also blaring on side-by-side billboards in San Francisco, as spotted by my colleague Geoffrey A. Fowler.
WhatsApp and Apple are doing great things to defend your privacy. Each company also plays a role in compromising your personal information. I’ll explain and share recommendations for you to protect yourself better.
The existence of the WhatsApp and Apple marketing messages also shows you’re winning the fight for your privacy and security — in spirit, if not entirely in practice.
It used to be common to hear that only criminals and paranoiacs worried about digital privacy. Now giant companies know that we all care.
WhatsApp’s ‘message privately’ pitch: It’s true but …
Your texts with your sister may not be top secret, but we deserve to know that the conversations we believe are private really are.
That’s what companies mean when they talk about end-to-end encryption, as WhatsApp has been doing in an advertising campaign for more than a year. Your messages are scrambled so that no one but you and the message recipients can read them. If hackers steal your messages, they’ll see gibberish.
WhatsApp is right to brag about its encryption. The app has made encryption available to billions of people.
“It’s sadly important that we scratch the surface and understand what’s behind the slogan,” said Meredith Whittaker, the president of the Signal encrypted chat app.
The biggest problem with WhatsApp’s privacy pitch is that the app is owned by Meta, a company that many of you do not trust.
Yes, the contents of WhatsApp chats and calls are private, including from Meta itself. Other details are not.
When you use WhatsApp, Meta knows the phone numbers of you and your contacts on WhatsApp, how often you open the app, your approximate location and the battery level of your phone.
Meta says it doesn’t keep logs of whom you’re messaging or use contact information to tailor ads to you on Facebook or Instagram.
Privacy die-hards also ding WhatsApp for not encrypting “metadata”— details such as who you chatted with and how long your WhatsApp call lasted. As we learned from U.S. government databases of Americans’ calls and emails, metadata can be revealing. (Other companies, including Apple, also save metadata from your chat history.)
What you can do about WhatsApp privacy compromises
WhatsApp can still be a great choice.
The consumer privacy group the Electronic Frontier Foundation wrote a few years ago that WhatsApp and Signal are good private chat apps for most people. EFF said there’s no perfect chat app for everyone.
The EFF document is somewhat out of date but worth reading.
If you don’t trust WhatsApp, you can use Signal if your contacts agree to use the app, too. You can also set WhatsApp or Signal messages to automatically delete in a day or a week.
You may also want to evaluate how your phone saves copies of your WhatsApp messages.
WhatsApp doesn’t automatically encrypt backup copies of your chat history. That makes it easier to transfer your chats when you buy a new phone, but those backups can be a privacy vulnerability.
Apple’s ‘your health data. In your control’: That’s true but …
Apple’s newest marketing focuses on its Health app. That’s where your iPhone saves information like how long you slept yesterday, the number of steps you walked and whether you took your cholesterol pill. This week, Apple said it will add more health features, including an option to log your emotions.
Apple’s commercials are right that the company’s devices minimize the information they collect about you. Apple also encrypts your health information in its own apps and services. All good.
Apple also says it pays closer attention if any app on your phone wants to access information from your Health files. Apps must pledge not to sell your health information to data brokers or use the information to target ads. It’s not clear how Apple verifies those app promises.
But Apple is also complicit in the data harvesting economy, including for your sensitive health data. (Google is, too.)
Apple turns a blind eye to many of the naughty habits of apps. Apple doesn’t really stand in the way if the app you use to research your child’s rash sells that information to an advertising middleman or if a coupon app that has permission to follow your location then passes on information about people who visited abortion clinics.
Apple said that when the company finds apps breaking its rules, it works with app makers to resolve the problem. Apple also said it may ban repeat offenders from its app store.
I’m not saying Apple has a good alternative. We might not want Apple to be the all-knowing cop of app data practices. Still, it’s not entirely true when Apple says that health information on your iPhone is fully private and in your control.
What you can do about Apple’s privacy compromises
Unfortunately, your individual power is limited. Your best protection is paranoia. Don’t trust that an app on your phone is keeping your information private.
Don’t believe that if an app is health-related, you are legally protected by American health privacy laws. You probably aren’t.
Andrew Crawford, the senior policy counsel for the Center for Democracy & Technology, recommended going through your phone’s settings to make sure you feel okay about the apps that log everywhere you roam. (Here’s how to review app location permissions on an iPhone and on an Android device.)
If a coupon app wants your location data and you can’t imagine why, say no. Or that might be a sign that this app shouldn’t be on your phone at all.
If one app knows your location, it might pass it on to other companies or government agencies without your explicit consent or knowledge. That’s how a Catholic group bought records to identity a priest who went to gay bars.
Crawford also suggested that if you’re going to sensitive locations such as health clinics for depression treatment or an abortion, you may want to consider leaving your phone at home. This is not a sensible choice for everyone.
Where HIPAA protects you and doesn’t (Consumer Reports)