What's wrong with WhatsApp ?

Do I have to change? The answer to that depends on your comfort with what Facebook did / is doing. And may depend on a lot of things. Some people are jumping ship - others are prepared to weather the storm. Let me explain...

On January 3rd, 2021 Zak Doffman (@UKZak) published an infographic that explained the vast differences in data collected between different messaging apps. There was also an article in Forbes https://www.forbes.com/sites/zakdoffman/2021/01/03/whatsapp-beaten-by-apples-new-imessage-update-for-iphone-users/?sh=1b347dc33623 and this may have started the world in migrating.

On January 10th, 2021 Ian Barwise (@z3r0trust) wrote an article on Medium https://medium.com/swlh/heres-why-signal-is-better-for-your-privacy-than-whatsapp-or-telegram-1c3dd9107450 which is a great read for anyone interested in understanding the reasons, details behind some of the differences in the options.

I'm trying to make this a little more approachable / practical for people. So here goes.


But really, what changed?

While the fact that Signal does depend on / require your phone number seems missed, it's a really simple way to see how abusive of your data Facebook is.

This image was created by @UKZak / posted on his twitter as well as in his article on Forbes:

Messaging Apps Compared


When Facebook acquired WhatApp they made a statement that they wouldn't be using WhatsApp information on their platform - and that is the essence of what is changing.

While Signal was developed by the same person who wrote the underlying protocol which is used in WhatsApp. The content of your messages should still be secure.  I qualify this statement because the app is not open sourced for easy inspection, but security researchers often investigate apps to see if they are making false claims. So why change?


For many, a big reason will be that Facebook is scary.

They have become very adept at using metadata or making inferences about people. Adding WhatsApp data to their existing profiles on their users should help them target people more accurately. The idea being of course to improve their ability to target you as a comsumer. By using a free app you become the product. I don't like that. Using things like the data detailed above, they could determine a lot of personal information about you. The subtle patterns in usage, like sending someone a message while at a pharmacy and again from a "Babies R Us" could result in seeing advertisements for diaper services. But the real risks can go deeper than that.

By targeting ads well enough and at the right time they can maximize the conversion rate (how likely you are to buy).

Some people don't care. I think people should.


What can I do?

Often it's hard to move away from a platform - you likely have family on it, or co workers, and you might not be able to change all their minds. Many apps can be restricted though - if possible, you can use your phone's permission settings to remove things like location access from applications that don't need it. Preventing apps from reading your contacts might make it harder to find people but it will also make it harder for the app do achieve it's real purpose - which is converting you into a well categoried target for marketing.

Preventing them from accessing your location should make it more difficult for them to infer what you are doing by where you are.

Here's what mine looks like. This can be further restricted to remove camera and microphone permissions (unless you are using WhatsApp for video or voice calls). I denied the app permissions to access:

  • Call Logs (why do they need to know who I talk to?)
  • Contacts (why do they need to know who I know?)
  • Location (why do they need to know where I am?)
  • SMS (why should they read my text messages?)
  • Telephone (why should they know who I am on a call with?)

Consider reviewing the permisions apps ask for. If they ask for too much that can't be justified, can you trust what they are doing?

I don't, but I hope this helps.


WhatsApp Permissions on Android