In January 2021, WhatsApp prompted its 2 billion users to accept new terms of service which revealed the way it shares user data with Facebook. If users didn’t accept, they’d no longer be able to use Whatsapp as their messenger of choice. Even though message content is end-to-end encrypted, WhatsApp still collects the most data from its users compared to other encrypted messengers like iMessage, Signal, and Telegram.
WhatsApp tried to explain that they’re trying to transition the app from a personal communications platform to a commercial communications platform where consumers can interact with business. WhatsApp wants people to start shopping, making payments, and interacting with customer service reps on WhatsApp. Why would people use WhatsApp for this? Isn't this already what businesses use Facebook for? Why complicate an encrypted messaging app when users could use Facebook messenger instead?
The reason for this is that WhatsApp doesn't make much money for Facebook (WhatsApp's parent company) so Facebook needs to find a way to monetize the 2 billion users on their global messaging platform. Put simply, when you want to ask a question to Delta Airlines, Facebook wants WhatsApp to be the platform of choice for that conversation versus calling up Delta's customer service line or tweeting @Delta.
This shift necessitated new terms of service so that businesses could use data when you communicate with their business on WhatsApp. Businesses, not WhatsApp, get to see the contents and metadata and want to store them on Facebook servers and use this content for advertising on all Facebook platforms. Users still send encrypted messages, but businesses are free to do what they want with the contents of the messages that you send directly to them. An apt analogy would be like recording a conversation between caller and a customer service rep for quality assurance purposes. However, the damage was done and messenger users didn’t accept the explanation, especially given Facebook’s reputation around privacy and data sharing.
The backlash was so strong that millions of users looked to competitor social media messaging services, mainly Signal and Telegram. Downloads for both of these messengers spiked on the Apple app store as well as on the Google Play store in the week following the WhatsApp announcement.
TL:DR: Signal takes the cake hands down. Let’s dive into why that is.
Both platforms offer end-to-end encryption, but with Telegram you have to 'opt-in' to make your chats encrypted by using the ‘secret chats’ feature. Telegram also doesn't support end-to-end encryption functionality in group chats, making many users who moved their group chats from WhatsApp to Telegram actually less private and less secure than they were on WhatsApp.
Telegram's encryption protocol has also come into question. Many encryption experts dislike that Telegram uses its own encryption algorithm MTProto Protocol instead of the Signal Protocol. Security professionals prefer to see encryption done with open source tools so that everyone can verify the safety and security of the platform.
Geography matters too since developers working in a country with anti-encryption government policies could be forced to alter their software at the whim of the government and begin providing unencrypted data to government entities. Telegram’s headquarters in Dubai raises these exact concerns from cybersecurity experts.
Signal on the other hand uses the open source Signal Protocol and all chats are end-to-end encrypted by default, including group chats. It is developed by the Signal Technology Foundation which is a non-profit organization based in the United States. Moxie Marlinspike and Trevor Perrin co-authored the Signal Protocol and later on Moxie and the WhatApp co-founder Brian Acton launched the the Signal Technology Foundation. Both the cryptography and the organization tick all the boxes from security experts and even got a shout out from Elon Musk on Twitter with a two word message, "Use Signal". They've got our vote too!
Some see the migration to Signal as a sign that consumers are becoming more aware about the abuse of their personal data by social media platforms like WhatsApp and its parent company Facebook. Many users are starting to act in their own best interests by rejecting Big Tech in favor of platforms centered around privacy and security. We agree and see this shift as an indicator of the new privacy frontier for personal data.
The migration to encrypted messengers is only the first step. Consumers use all sorts of software to communicate and collaborate with each other so caring about privacy should extend beyond just one app. Data surveillance and collection occur when you browse the web, grant apps permissions on IOS and Android devices, and pretty much every other interaction with Big Tech.
There are few digital spaces today where you can assume that someone isn’t collecting their data. Everyone uses a word processor and especially popular platforms like Google Docs, Evernote, or Apple Notes to store and access their data via the cloud. This data can be some of the most private and confidential data that you can generate. It gives a direct line of sight into the unfettered mind of a user.
If you care about end-to-end encryption in group chats with friends, you should also care about privacy when you make plans, brainstorm ideas, share files, or keep a personal journal. Getting off of one platform that harvests your messenger data, but continuing to use all of the others doesn’t really protect your privacy too well. The shift in consumer behavior around messaging services is just the first step.
That’s why we built Skiff, an end-to-end encrypted collaboration platform, where you can be sure that your privacy and security are taken seriously. Whether you’re working on the next big thing or just making a shopping list with your roommates, opting for a privacy-first platform with end-to-end encryption gives you peace of mind that your data isn’t being collected.
When you use Skiff, you keep your private documents private with end-to-end encryption to guarantee that in transit and on Skiff servers, we can never access your data. We also believe that security extends beyond encryption and must be incorporated into the product as a whole. Features like watermarks, password protected documents, and encrypted links enable tight controls giving users the ability to be confident in their privacy.
If you’re as excited as we are about confidential collaboration, make sure to sign up on our waitlist. The end-to-end encryption revolution is here!
Skiff is making privacy accessible to everyone.