What is WhatsApp doing and why?
‘When WhatsApp got acquired by Facebook, one of the promises they made was to not change their privacy policy. Their policy was quite good beforehand and WhatsApp said they would not mine the user’s data, a promise to which they stuck for a very long time.
But even though WhatsApp will not see the content of your conversations, they will be able to see who is talking to who, at what time of day, or from what location, and all of that is sensitive information. Facebook quietly announced that they’re collecting this data, which fortunately led to a big debate. But after all, Facebook is in the business of making money with people’s information and people need to be aware of that.
You could say Facebook did the right thing because they ended up scaring users into using alternatives that are less privacy-invasive.’
'Privacy doesn’t begin or end at European borders'
We have the GDPR in Europe, does that protect us?
‘Officially, nothing changes for European users. Companies need a legitimate concern in order to collect data about you, and they need to have a proper privacy statement. But as long as you’re open about what you do, you can still do quite a lot. Companies have to tell you what they collect and then you have a choice of usage, and the choice to see the data that has been collected about you. Ideally, we should have all the users asking for the information, which would lead to quite some extra work for WhatsApp and send a signal that people are concerned about their data.
The problem however is the imbalance of power between the user and the provider. Leaving WhatsApp is really costly for you in social terms, and it’s very hard to convince people to use something else. This is where the FOMO (Fear of Missing Out, ed.) comes into play, and that’s the same for all of social media. Luckily the fines for non-compliance with the GDPR are really severe, which scares off the companies.’
Are we Europeans too concerned or not concerned enough?
‘Privacy doesn’t begin or end at European borders. Other internet users should enjoy the same rights as us Europeans. The GDPR luckily caused a public debate and spread privacy to other jurisdictions, with for example California adopting similar laws.
'There’s no bad intention from the politicians, just a lack of knowledge'
The bigger issue is the fact that there’s still a business in tracking people. I do have a choice whether I purchase an Apple or a Microsoft product, but I don’t have a choice when I use their online platforms. I can choose not to use Google Docs but most other people use it which makes it very hard to not do so. Those services are a very clear exploitation of peer pressure. Google Docs is great to work with, but you automatically get tracked. Alternatives don’t only lack certain features or usability, but many of them are also American cloud-hosted services.
You also find very few people in the Dutch parliament who really understand the issues at hand. This makes it really easy for lobbyists to claim otherwise or for companies to say “We only collect this or that data”. There’s no bad intention from the politicians, just a lack of knowledge.’
'I’m willing to trade a bit of convenience for a lot of privacy'
Where do you see the student involvement and responsibility as this, should we as the tech savvy generation be the change?
‘In my experience, students are selectively privacy-conscious. Usually, my students don’t turn their camera on or join meetings with their microphone on, which is totally fine. Many students are selective about what they use, but when it comes to WhatsApp, everyone uses it because simply everyone uses it. This is where the network effect comes into play: the more people that are on the medium, the harder it gets for people to leave.’
If you could give one advice to the reader, what would it be?
‘Switch to Signal. Signal was established with privacy as a goal. While it can lack some usability in comparison to other apps, I’m willing to trade a bit of convenience for a lot of privacy.’