Facebook is already facing flak globally for breaching the trust of millions of users in the recently unearthed Cambridge Analytica controversy. Now, unconfirmed reports of “Israeli users connected to WhatsApp via Facebook servers” have raised another wave of privacy concerns for WhatsApp users as the popular chat platform is now owned by Facebook. While WhatsApp is yet to officially comment, reports claim that this “will ensure better quality of connectivity” for all WhatsApp users in Israel. Note that WhatsApp using Facebook servers has been reportedly only in Israel as of now.
“We are a part of Facebook now and contribute to Facebook’s transparency report...but because of End-to-End (E2E) encryption enabled by default on WhatsApp, the contents of the messages are not visible to anybody except for the sender and recipient,” said WhatsApp spokesperson Carl Woog during his visit to India in August 2017 when he was questioned on “WhatsApp E2E Encryption: What Data the Police Gets And What Not.”
Messages are encrypted but what about WhatsApp Metadata?
The content of the messages sent and received between two users are end-to-end encrypted. Also, WhatsApp never stored chats on its servers, even prior to introducing E2E encryption. But the problem is not with the messages but metadata.
For those unaware, WhatsApp collects some metadata from each and every user when they use the platform. WhatsApp has also confirmed that this metadata information could be passed on to law enforcement agencies or government when requested.
So, if WhatsApp is using Facebook’s servers to “boost connectivity” in a particular region does it mean that the user metadata automatically gets saved on Facebook servers? The answer is of course, yes. The metadata will obviously exist on the server for WhatsApp to communicate. But the real question—is WhatsApp taking initiative to erase this metadata after sometime as it is not required always. Well, we will have to wait for WhatsApp to respond to this question.
Now, what can Facebook know about you through your WhatsApp usage?
While officially there is little information on WhatsApp metadata, court cases have reportedly revealed a lot about WhatsApp metadata. So, while the actual WhatsApp chats (including multimedia files and stickers) are E2E secured, this is the data that Facebook can squeeze out from WhatsApp if they want:
Your name, mobile number, IP address, location, mobile network and your mobile handset type. The company can also get insights on with whom you are chatting, for how long and at what time. And possibly, your contacts as well.
So, even if you delete your Facebook account, the social media giant can have access to this metadata when WhatsApp uses Facebook’s servers.