what personal data does the application store?

Many people are considering quitting WhatsApp after the latest Terms of Service update.

In recent days, a large number of WhatsApp users have started to wonder about the treatment of their data by the messaging company owned, since 2014, by Facebook. At the origin of these questions is the announcement of new terms of use, which will come into force on May 15: they partially redefine the scope of WhatsApp data that is shared with Facebook for its users.

The initial date provided for a changeover to these new rules from February 8; but WhatsApp finally announced, Friday, January 15, that it was postponing their entry into force for three months. The service thus seeks to reassure its users in the face of what it considers to be ” disinformation “ on how it processes their data.

Read also WhatsApp postpones changes to terms of service for three months

Today, most of the Whatsapp users already have part of the information they leave in the application processed by Facebook: part of WhatsApp privacy policy explains precisely what data is shared with “Facebook entities”. WhatsApp shares, for example, with its parent company information such as:

  • the pseudonym;
  • telephone number ;
  • IP addresses;
  • data relating to the devices of its users.

But some users were able, for a short period in 2016, to refuse to have such information shared with Facebook. For them, in countries outside theEuropean Union (on the American, African and Asian continents, for example), the new WhatsApp terms of use will make this data sharing mandatory. If the user refuses these conditions, WhatsApp has indicated that their account will be deactivated.

For French people, and people located in the European Union, the protection by the general data protection regulation (the famous GDPR) prevents this account deactivation in such a case.

The confusion caused by this update, and the questions of Internet users around the world, however had effects. For example, many people have chosen the Signal or Telegram applications to transfer their private discussions. They also triggered the launch of an investigation by the Italian authority in charge of the protection of personal data, in order to take stock of the information actually collected and processed by WhatsApp.

  • How do you see what information WhatsApp has about you?

It is possible to view the data that WhatsApp has on you. To do this, go to the settings of the mobile application and in the “Account” submenu, make your request on the “Request account information” page. Once the request is validated, WhatsApp displays a forecast date on which the data can be downloaded.

Screenshot of WhatsApp application. Screenshot of WhatsApp application.

After three days, a notification informs the user that the personal report is available. It is then possible to export this data using the application’s sharing function. Once downloaded to a computer, all you have to do is open the file and read the “access.html” document with any Internet explorer.

It is clear that the data collected by WhatsApp is relatively few and less impressive compared to Facebook (the archive can then reach several gigabytes). One of the main reasons for this is WhatsApp’s use of end-to-end content encryption: messages sent between users are not readable by WhatsApp. The company, like Facebook, therefore has no interest in keeping indecipherable messages on its servers beyond the time it takes to transmit them to their recipient. The data linked to your personal account therefore does not contain any discussions you have had on WhatsApp.

Read also WhatsApp, Twitter, Facebook, Snapchat: who encrypts users’ private messages?
  • What data is kept by WhatsApp on its servers?

Unsurprisingly, we find in this “personal report” the name of the WhatsApp account, the information entered in the “News” section (usually used to notify other users of its availability status) as well as the profile picture and dates. which these last two have been configured. The connection status, to find out whether the user is online – or failing that when your last connection took place – is also listed there.

All this information is only visible to WhatsApp and the people with whom the user has chosen to share it in the privacy settings (“Everyone”, “My contacts”, or “Nobody”. In the latter case, they can be viewed by the owner of the account, and they are still stored on the WhatsApp servers).

Article reserved for our subscribers Read also How Facebook wants to make WhatsApp profitable by changing its personal data policy

Regarding the address book, only the phone numbers of our contacts who also use the application are recorded by WhatsApp; two other lists containing blocked numbers and groups are stored in separate sections. In practice, none of the information such as name, physical and e-mail addresses or any other details entered in the contact files of your phone (those stored in your Android or iOS smartphones, independently of WhatsApp) is sent by the application to servers.

However, the make, model and version of the operating system of the device used to access instant messaging is recorded, along with information about computers synchronized with the same account.

On the geolocation side, no GPS data is kept by WhatsApp. Indeed, when using the “location” sharing function with another user, the information is sent in an encrypted manner, like all other messages: only the recipient is therefore able to see the contact details; WhatsApp servers therefore cannot read them.

In addition, only the last IP address used to connect to WhatsApp is stored on its servers. It therefore seems impossible for the application to trace the movements of its users. Finally, WhatsApp also records the precise date and time at which the different versions of the Terms of Service were accepted in the past (updates of 2016, 2018 and 2021).

  • What should we conclude from this?

In view of this information, WhatsApp does not seem to be a “data vacuum cleaner” like other messaging applications that do not encrypt exchanges. This is what explains part of its worldwide success, the platform being light, compatible with many devices, but also known for a robust encryption of the messages exchanged (it uses the same protocol as that of Signal) .

Read also: Signal: understanding everything about the highly successful secure messaging application

Each user wishing to leave WhatsApp to use another service should also think about looking at the data collected by the latter before making his choice.

Even though WhatsApp has belonged to Facebook since 2014, the social network would have no interest in hiding part of the information it collects on its users from its users or the press: Facebook would face significant fines if such practices were discovered.

Even so, the fact that Mark Zuckerberg’s company owns the app may be disturbing after the many personal data scandals that have plagued the company. We therefore advise those who want to leave WhatsApp for this reason to also close their Facebook profile, their Instagram account, their Messenger account (also belonging to Facebook), and to block all Facebook modules present on the Web pages using extensions for browsers like Ghostery.

Update, Saturday, January 16 10:30 a.m .: the differences on the effects of the upcoming changes to the WhatsApp terms of use, between European and non-EU users, were clarified.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.