Posts

Is WhatsApp Privacy a Big Fat Facebook Lie? What You Need to Know.

WhatsApp privacy policy

WhatsApp Privacy: Facebook’s New “Data Use” Policy

I have been getting a ton of questions on the privacy of your personal data that is sent through WhatsApp. Is Facebook, who owns WhatsApp, sharing everything you write, including all of your contacts, messages and behaviors? It’s not quite that simple, but neither is Facebook.

Facebook announced a new WhatsApp privacy policy recently which created A LOT of confusion and user backlash. The changes caused such an uproar that they ultimately have decided to delay release of the new WhatsApp privacy agreement from Feb. 8 to May 15 while they sort themselves out. So let me give you a head start!

Behind all of this, WhatsApp is trying to break into the world of messaging for businesses (to compete with Slack and other programs). That way, when you communicate with a business, Facebook will see what you’re saying and use that information for advertising purposes.

Your Data That Can Be Accessed By Facebook

Facebook contends that your private messages will remain encrypted end-to-end, including to them, but Facebook & WhatsApp will have access to everything they’ve had access to since 2014:

  • Phone numbers being used
  • How often the app is opened
  • The operating system and resolution of the device screen
  • An estimation of your location at time of usage based on your internet connection

Purportedly, Facebook won’t keep records on whom people are contacting in WhatsApp, and WhatsApp contacts aren’t shared with Facebook. Given Facebook’s miserable history with our personal privacy, I don’t actually believe that they will limit information sharing to the degree that they promise. I think that this is one of those cases where they will secretly violate our privacy until it is discovered and then ask forgiveness and lean on the fact that we have no legislation protecting us as consumers. But please be aware that if you utilize Facebook, you are already sharing a massive amount of information about yourself and your contacts. WhatsApp may just add another piece of data into your profile.Watch The Social Dilemma on Netflix if you’d like to learn more about how you are being used to power their profits.

Highly Private Messaging Alternatives to WhatsApp

So, while it is mostly a “cosmetic change” to the WhatsApp privacy policy, if you are uncomfortable using it, you may want to consider the following:

    • There are alternative messaging apps, including Signal and Telegram, both of which have seen huge new user sign-ups since the announcement. I personally use Apple Messages (daily communications) and Signal (highly confidential communications).
    • WhatsApp says it clearly labels conversations with businesses that use Facebook’s hosting services. Be on the lookout for those.
    • The feature that allows your shopping activity to be used to display related ads on Facebook and Instagram is optional and when you use it, WhatsApp “will tell you in the app how your data is being shared with Facebook.” Monitor it and opt out.
    • If you don’t want Facebook to target you with more ads based on your WhatsApp communication with businesses, just don’t use that feature.
    • Trust the WhatsApp messaging app as much as you trust Facebook, because ultimately, they are the same company.

John Sileo is a cybersecurity expert, privacy advocate, award-winning author and media personality as seen on 60 Minutes, Anderson Cooper and Fox & Friends. He keynotes conferences virtually and in person around the world. John is the CEO of The Sileo Group, a business think tank based in Colorado

NSA Angry Birds Help the Government Spy on Your Intimate Details

NSA Angry Birds are Stalking You

So you’ve had a rough day at the office.  You plop down on your couch with a cold beverage nearby, ready to let the day go.  You have twenty minutes until your chicken pot pie dings, and the thought of chicken reminds you of, well… Angry Birds. Harmless fun. NOT!

While you may be enjoying a mindless game, somewhere far off in cyber land others are just beginning to work very hard.  WHO THEY ARE: advertising companies and intelligence agencies alike. WHAT THEY ARE DOING TO YOU: gathering all of the most personal data off of your mobile device: everything from your name, age, sex, location, and perhaps even your political alignment or sexual orientation—and lots more!

All of this is according to documents provided by the former National Security Agency contractor and whistleblower Edward Snowden to the New York Times.  Snowden asserts that the NSA and Britain’s Government Communications Headquarters have been able to gather information from so-called “leaky apps” that give out all sorts of unintended intelligence.

Through these leaks, intelligence agencies and advertising groups are able to collect and store information on location and planning data through use of Google Maps, and access your address books, buddy lists, and telephone logs through use of posts to sites such as Facebook, Flickr, LinkedIn, and Twitter placed on mobile devices. 

It turns out that Big Brother is actually an NSA Angry Bird. I don’t know whether to be more upset with the NSA for scraping this information from Apps, or with the Apps themselves for scraping this information without even telling us!

This top secret NSA document (one of many released by Snowden) shows some of the activities that can be searched.

It’s pretty much understood and accepted that apps (especially older ones) track locations and gather other data to pass on to mobile ad companies.  And we’ve known for some time that the NSA has been pursuing our mobile information, but these documents show us many more details of the “mobile surge” and the ambitious plans the agency has for using the information they gather from apps on smartphones.

Every time you use a smartphone, you need to remember you’re also really using a computer- a highly-sophisticated, highly vulnerable computer.   According to Philippe Langlois, who has studied the vulnerabilities of mobile phone networks and is the founder of the Paris-based company Priority One Security, “By having these devices in our pockets and using them more and more, you’re somehow becoming a sensor for the world intelligence community.” In other words, we are all spies for anyone who has access to our mobile phones, which includes pretty much every app we have.

So what’t the solution? None, as of right now. Until there is legislation governing what can be captured from our mobile phones, we are open game, so to speak. And that makes me angry.

John Sileo is an an award-winning author and keynote speaker on identity theft, internet privacy, fraud training & technology defense. John specializes in making security entertaining, so that it works. John is CEO of The Sileo Group, whose clients include the Pentagon, Visa, Homeland Security & Pfizer. John’s body of work includes appearances on 60 Minutes, Rachael Ray, Anderson Cooper & Fox Business. Contact him directly on 800.258.8076.

Data Privacy Expert on the Irony of Dictionary.com’s Word of the Year

Dictionary.com has chosen its “word of the year”. Thank the etymological gods it’s not selfie, twerk or hashtag. No, this year’s most relevant, most searched word is:

Privacy.

Call me geeky, but this is happy news to privacy experts, because it raises consciousness that this stuff (your right to keep certain information to your self) actually matters.

 And consciousness has definitely been raised in 2013:

  • Data security and privacy experts everywhere should thank Edward Snowden for exposing the NSA surveillance programs that monitor every American’s phone calls, Facebook posts and emails for signs of terrorism (and any other data they care to intercept).
  • Thanks to SnapChat for making deleted photos recoverable (despite claims they disappear).
  • Additional kudos to Google Glass for raising awareness on how easy it is to capture intellectual property as criminals videotape their way through Fortune 500 offices, record ATM PIN numbers of the bank customer in front of them and deploy instant facial recognition software in a variety of social engineering schemes.
  • And in the Coup de Grace of 2013, bonus points to Target for playing the Grinch in a massive holiday breach that exposed 40 million of their customers’ records (customers who actually shopped at Target, not online).

Here’s the ironical twist to the word of the year: Dictionary.com violates your privacy at a standard higher than most other websites. You thought you were just looking up a word, right? Wrong – you are creating a traceable behavioral profile that can be sold to marketing firms worldwide. For example, when you type a word into Dictionary.com, your “surfing profile” is immediately sold to 234 additional websites before you’ve even read the full definition. So when your daughter looks up “bankruptcy” while doing a term paper for high school, Chase Bank buys that information, scores you as a high risk candidate for financial default and, the next time you apply for a credit card, redirects you to a web page offering you a considerably higher annual APR. Brilliant, no? See more examples in my post Big Brother Lives in Your Browser.

I don’t want to look a gift horse in the mouth, however (well, maybe a little). Thank you to Dictionary.com for reinforcing the relevance of data privacy issues that quietly affect every one of us every day. Now, if privacy experts could just get Dictionary.com to include a definition of data privacy that accounts for the idea of consent (that we get a choice of what to share and who to share it with), that would be real progress. In other words, data privacy is a matter of degree, not all or nothing.

John Sileo is an author and keynote speaker on privacy, identity theft and technology security. He is CEO of The Sileo Group, which helps organizations to defend the data that drives their profitability. His recent engagements include presentations at the Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

Does the NSA or Google Spy More on You? [Burning Questions Ep. 4]

Today’s Burning Question for online privacy expert John Sileo:

“Who is the bigger spy, the NSA or Google?”

I thought that was a really fascinating question.  Of course, it comes because in the last couple of months the NSA has been outed by Edward Snowden, the former NSA employee.  The NSA (National Security Agency) has been spying on our phone calls- who we’re calling and when, our emails- who we’re emailing and what about, and even our social media posts.

The latest scandal is called “Muscular”.  Somehow, the NSA has gotten between the transmissions of Google and Yahoo.  In other words, the NSA has been “sniffing” the emails going back and forth between the two largest email providers in the US and this has angered the tech giants like Google, Yahoo, and Facebook.

Recently there was an article in the New York Times about the tech companies wanting to defend their privacy.  In particular, Eric Schmidt, the chairman of Google, has gone on the record to the Wall Street Journal talking about how we need to do a better job defending our privacy.  (Watch the video embedded in our BQ video.)

Let’s take a look at a few of Schmidt’s comments.  First, he said, “You have to take a strong position in favor of privacy.  Do you really want the government tracking all of your information?”  I find it very ironic that this man whose company tracks all of our information is asking this question!  You could substitute Google’s company name for government:  “Do you really want Google tracking all of your information?”  Here he is calling for privacy on one hand and violating it on the other.

The second statement that is fascinating is, “Let’s start with appropriate oversight and transparency.  You don’t have to violate the privacy of every single citizen in America in order to find them.”  You might also say you don’t have to violate the privacy of every single citizen or track the privacy of every single user of Google in order to market to them.  It takes a lot of gumption for somebody who is so focused on collecting our private data to say that the NSA is collecting too much information!

So, the question again is, “Who is the bigger spy, the NSA or Google?”  Well, of course, the NSA is much larger and is collecting more information, but mostly thanks to companies like Google.

John Sileo is a keynote speaker and online privacy expert, as well as the CEO of The Sileo Group, which helps organizations to protect the privacy that drives their profitability. Recent engagements include presentations at The Pentagon, Visa, Homeland Security and Northrop Grumman as well as media appearances on 60 Minutes, Anderson Cooper and Fox Business. Contact him directly on 800.258.8076.

USA Today MUSCULUR

HoGo Document Protection: 10 Questions w/ Digital Privacy Expert John Sileo

By Mike Spinney, HoGo (Document Protection Simplified)

John Sileo is a kindred spirit when it comes to fighting the good fight against data breach and identity theft. I met John about seven years ago when we were both part of a joint project to raise awareness over the issue of physical document protection and we’ve been friends ever since. I admire what John does to help make people more aware of their personal risk and take steps to prevent identify theft. A two-time victim of identify theft, John has refused to wallow in his victimization and instead has become a privacy expert in his own right and taken his powerful, personal message to audiences around the world raising identity theft prevention awareness as one of the issues premiere speakers.

In addition to keynote speaking and his video series, Burning Questions, John is a frequent media source for stories about privacy and identity theft. He was in my area last month for to give a series of keynote presentations for the University of Massachusetts’ privacy awareness program so I took the opportunity to meet with John and ask him ten questions about his work and the issue of data privacy and information protection.

HoGo:  Your personal ID theft story is not uncommon. Is there anything that might have caused you to take better care of your personal information prior to your first experience? Continue Reading…