The initial date provided for a changeover to these new rules from February 8; but WhatsApp finally announced, Friday, January 15, that it was postponing their entry into force for three months. The service thus seeks to reassure its users in the face of what it considers to be ” disinformation “ on how it processes their data.
- the pseudonym;
- telephone number ;
- IP addresses;
- data relating to the devices of its users.
For French people, and people located in the European Union, the protection by the general data protection regulation (the famous GDPR) prevents this account deactivation in such a case.
The confusion caused by this update, and the questions of Internet users around the world, however had effects. For example, many people have chosen the Signal or Telegram applications to transfer their private discussions. They also triggered the launch of an investigation by the Italian authority in charge of the protection of personal data, in order to take stock of the information actually collected and processed by WhatsApp.
How do you see what information WhatsApp has about you?
It is possible to view the data that WhatsApp has on you. To do this, go to the settings of the mobile application and in the “Account” submenu, make your request on the “Request account information” page. Once the request is validated, WhatsApp displays a forecast date on which the data can be downloaded.
After three days, a notification informs the user that the personal report is available. It is then possible to export this data using the application’s sharing function. Once downloaded to a computer, all you have to do is open the file and read the “access.html” document with any Internet explorer.
It is clear that the data collected by WhatsApp is relatively few and less impressive compared to Facebook (the archive can then reach several gigabytes). One of the main reasons for this is WhatsApp’s use of end-to-end content encryption: messages sent between users are not readable by WhatsApp. The company, like Facebook, therefore has no interest in keeping indecipherable messages on its servers beyond the time it takes to transmit them to their recipient. The data linked to your personal account therefore does not contain any discussions you have had on WhatsApp.
What data is kept by WhatsApp on its servers?
Unsurprisingly, we find in this “personal report” the name of the WhatsApp account, the information entered in the “News” section (usually used to notify other users of its availability status) as well as the profile picture and dates. which these last two have been configured. The connection status, to find out whether the user is online – or failing that when your last connection took place – is also listed there.
All this information is only visible to WhatsApp and the people with whom the user has chosen to share it in the privacy settings (“Everyone”, “My contacts”, or “Nobody”. In the latter case, they can be viewed by the owner of the account, and they are still stored on the WhatsApp servers).
Regarding the address book, only the phone numbers of our contacts who also use the application are recorded by WhatsApp; two other lists containing blocked numbers and groups are stored in separate sections. In practice, none of the information such as name, physical and e-mail addresses or any other details entered in the contact files of your phone (those stored in your Android or iOS smartphones, independently of WhatsApp) is sent by the application to servers.
However, the make, model and version of the operating system of the device used to access instant messaging is recorded, along with information about computers synchronized with the same account.
On the geolocation side, no GPS data is kept by WhatsApp. Indeed, when using the “location” sharing function with another user, the information is sent in an encrypted manner, like all other messages: only the recipient is therefore able to see the contact details; WhatsApp servers therefore cannot read them.
In addition, only the last IP address used to connect to WhatsApp is stored on its servers. It therefore seems impossible for the application to trace the movements of its users. Finally, WhatsApp also records the precise date and time at which the different versions of the Terms of Service were accepted in the past (updates of 2016, 2018 and 2021).
What should we conclude from this?
In view of this information, WhatsApp does not seem to be a “data vacuum cleaner” like other messaging applications that do not encrypt exchanges. This is what explains part of its worldwide success, the platform being light, compatible with many devices, but also known for a robust encryption of the messages exchanged (it uses the same protocol as that of Signal) .
Each user wishing to leave WhatsApp to use another service should also think about looking at the data collected by the latter before making his choice.
Even though WhatsApp has belonged to Facebook since 2014, the social network would have no interest in hiding part of the information it collects on its users from its users or the press: Facebook would face significant fines if such practices were discovered.
Even so, the fact that Mark Zuckerberg’s company owns the app may be disturbing after the many personal data scandals that have plagued the company. We therefore advise those who want to leave WhatsApp for this reason to also close their Facebook profile, their Instagram account, their Messenger account (also belonging to Facebook), and to block all Facebook modules present on the Web pages using extensions for browsers like Ghostery.