I was waiting to see how long this would take to come out. The media has recently been playing up WhatsApp founder Jan Koum and his experience escaping Big Brother KGB privacy invasions in Soviet Ukraine. Supposedly this led to Koum’s focus on user privacy when he developed WhatsApp. Anyone who has been following the security and privacy of WhatsApp for the last few years knows that WhatsApp claiming it values privacy is a load of…
Yasha Levine at PandoDaily decided to finally correct the story line to actually match reality. As he states bluntly:
In fact, since Koum launched WhatsApp in the summer of 2009, the company’s privacy track record has been horrible: It’s been aggressively incompetent and careless with user data. It has also repeatedly failed to provide users with even the most rudimentary security measures. As a result, WhatsApp left its messaging data wide open for potential surveillance and interception by intel agencies, scammers and Internet lurkers with basic hacker skills.
He goes on to point out that when WhatsApp finally started providing basic encryption in 2012 it did it with flawed encryption that was easily broken and not properly implemented. This is the same flaw that the Soviets made in the 1950s… Canada’s Privacy Commissioner and Dutch Data Protection Authority both took WhatsApp to task in 2013 for violating several privacy laws in both countries.
Trust me this is only going to get better now that they are owned by Facebook. I am impressed with WhatsApp and their success but I think they are stretching the truth way past its limits when they claim that privacy is baked into the solution.