What’s With WhatsApp And Its Latest Privacy Policy?

What's With WhatsApp And Its Latest Privacy Policy?

Remember that you use iCloud or Google Drive to backup your WhatsApp chats? These third-party services are getting access to your messages. Now WhatsApp is gearing up to update its Terms of Service, as earlier this week it sent an in-app notification regarding its update on ‘Privacy Policy’ to users. Let’s see what has changed and what hasn’t with the messaging app.

Crux of the Matter

Let’s start by taking a look at the notification received:

What If We Don’t Agree To It?
The company’s new terms of service and privacy policy will go live on 8 February. In order to continue using the app thereafter, the users will have to agree to these rules.

What Are The Changes?
The most significant ones are how WhatsApp shares information with Facebook and its subsidiaries. Till now, existing users were provided with the option, to not share their WhatsApp account information with Facebook. 

The Hardware Information Collected

  • Battery level
  • Signal strength
  • App version
  • Browser information
  • Mobile network
  • Connection information (phone number and ISP)
  • IP address
  • Device operations information

Where Will This Data Be Located?
Whatsapp says it uses Facebook’s global infrastructure and data centers for data storage, including the ones in the US. This was not explicitly mentioned in the previous policy. It also says that in some cases, data will be transferred to the other parts where Facebook’s affiliate companies are based, adding that “these transfers are necessary to provide the global Services set forth in our Terms.”

Will Our Messages Remain Encrypted?
Yes, Whatsapp stays end-to-end encrypted i.e it can’t see your messages, or share it with anyone. This is because the data is encrypted on the sender’s device, so only the recipient can decrypt it.

Then What About Payments?
WhatsApp states that if we use their payments services they will “process additional information about you, including payment account and transaction information.” The WhatsApp Payments feature in India, anyways has its own privacy policy. On being rolled out last year, National Payments Corporation of India had taken measures to stop it from monopolising digital payments.

Data Collected By Other Messenger Apps

  • Signal – claims to only use mobile number for registration and not link it to the user’s identity.
  • iMessage – Email address, Phone number, Search history and Device ID.
  • Telegram – Name, Phone number, Contacts and User ID.

  • WeChat is a Chinese multi-purpose messaging, social media and mobile payment app developed by Tencent. First released in 2011, it became the world’s largest standalone mobile app in 2018, with over 1 billion monthly active users. WeChat has been described as China’s “app for everything” and a “super app” because of its wide range of functions.
  • On December 17, 2012, Instagram announced a change to its terms of use that caused a widespread outcry from its user base. The controversial clause stated: “you agree that a business or other entity may pay us to display your username, likeness, photos, and/or actions you take, in connection with paid or sponsored content or promotions, without any compensation to you“. The move garnered severe criticism from privacy advocates as well as consumers. After one day, Instagram apologized saying that it would remove the controversial language from its terms of use.
  • Terms and Conditions May Apply is a documentary that addresses how corporations and the government utilize the information that users provide when agreeing to browse a website, install an application, or purchase goods online. Made in 2013 by Cullen Hoback, it discusses the language used in user-service agreements on the World Wide Web, and how online service providers collect and use users’ and customers’ information.

The Moral Quandary Around Govts Using Facial Recognition

The Moral Quandary Around Govts Using Facial Recognition

Facial recognition technology has been around from Facebook’s photo tagging and identification to Apple’s Face ID feature. The unwarranted monitoring of citizens through the use of face recognition software is on the rise in the United States and it is seen as a serious threat to citizens’ privacy.

Crux of the Matter

Facial recognition technology provides a sophisticated surveillance technique that can be more accurate than the human eye which is now expanding at an explosive rate. Tech giants like IBM, Microsoft, and Amazon have invested heavily to develop these systems with an aim to enhance public safety as they battle to lead in a key emerging business.

Across the USA, the rise of the use of this technology to identify people by matching unique characteristics of their facial patterns to databases of images has sparked controversies and debates.

In India, the Uttar Pradesh government used public surveillance cameras to identify miscreants of the violence that began in Delhi. New Delhi is also among the top cities in India with a high number of CCTVs. According to some estimates, 200 mn CCTVs of Skynet have been installed in Mainland China. Skynet is reportedly one of the world’s largest surveillance agencies using FRT. Miscreants in 2011 London Riots were traced using CCTVs – there is 1 CCTV for every 14 people according to some estimates.

How Does It Work?
Facial recognition technology (FRT) creates a template of the target’s facial image and compares the template to photographs of preexisting images of a known face. The known photographs are found from driving license databases, government identification records, or social media accounts. Apart from its numerous other uses, it has the potential to be a useful tool in tackling crime rates by identifying criminals.

Growing Concerns
Privacy advocates have raised concerns on its use and misuse by US law enforcement agencies. US law enforcement agencies in several states like Texas, Florida and Illinois have been using FRT to scan photos of individuals without their consent using different databases to identify and arrest individuals at protests.

Apart from privacy, it is been long argued that use of FRT could lead to the wrongful arrests of people who bear only a resemblance to a video image. Recently, in the nationwide protests over the death of George Floyd and subsequent protests, the enforcement agencies were seen to use FRT to identify miscreants.

Summachar’s Coverage: History of Racism in US

Moreover, recent studies have shown that facial-recognition systems are said to misidentify people of color more often than white people which is a serious concern keeping in mind the ongoing protests and debates over racism. Critics also have raised concerns over implications of the right to freedom of association and right to privacy guaranteed under the First Amendment of the US constitution. Also, the Fourth Amendment prohibits an unlawful search of a place where a person has a reasonable expectation of privacy.

Where Does The Law Stand?
While many US police departments see this innovation as a way to make the law and order more efficient; San Francisco, Somerville, Massachusetts, Oakland, and California are the cities that have banned local law enforcement agencies from using FRT. 

The US Congress until now hasn’t introduced any legislation regarding either the use or a ban on the technology but the lawmakers on both sides of the aisle have raised concerns in recent oversight hearings. Though researchers and activists have raised concerns about the risks associated, the FBI and US Department of Homeland Security continue to use this technology to screen travellers and process immigration.

Congress and legislatures nationwide must swiftly stop law enforcement use of face recognition, and companies like Microsoft should work with the civil rights community to make that happen.

The American Civil Liberties Union

Neutral Stand Of Tech-giants
With growing voices to end police brutality and racial profiling, the tech-giants namely IBM, Amazon, and Microsoft have decided to limit the use of FRT and not sell it to any police department in the US until there is a federal law regulating it.

Microsoft was the first one to call for regulating FRT two years ago while backing the legislation in California to allow limited use of FRT. Recently, Microsoft clarified that it has not sold any such technology to police departments and it plans to put in place review factors to determine the use of FRT beyond law enforcement.

We will not sell facial-recognition technology to police departments in the United States until we have a national law in place that will govern this technology. The bottom line for us is to protect the human rights of people as this technology is deployed.

Brad Smith, Microsoft President

IBM has reported that it will be exiting the facial-recognition business over concerns about its uses for mass surveillance and racial profiling. Amazon has banned police from using its FRT for a year and has said that it will give Congress enough time to implement appropriate rules.

Technology has penetrated every aspect of governance and especially for law enforcement, technology brings in many advantages, but also raises questions over privacy and credibility. The courts and policymakers need to strike the right balance between the need for information and the right to privacy.

  • Woody Bledsoe was an American mathematician, computer scientist, and prominent educator. He is one of the founders of artificial intelligence (AI). He pioneered Facial recognition technology and in pattern recognition.
  • In Russia, there is an app ‘FindFace’ which can identify faces with about 70% accuracy using the social media app called VK. This app would not be possible in other countries that do not use VK as their social media platform photos are not stored the same way as with VK.
  • In December 2017, Facebook rolled out a new feature that notifies a user when someone uploads a photo that includes what Facebook thinks is their face, even if they are not tagged. “We’ve thought about this as a really empowering feature,” Facebook officials said. “There may be photos that exist that you don’t know about.”

China Starts Regulating Digital Encryption

China is pushing legislation to govern the use of cryptography for data privacy for both government and private players. Under these measures, China will encourage the use of modern encryption technology for commercial usage as long as its sovereign interests are not compromised.

Crux of the Matter
  • The new cyber security laws will take effect from January 2020.
  • The law mandates that all state secrets have to stored and transmitted using secure encrypted channels. Private players working in encryption have to give guarantees on their security management systems.
  • Private encryption developers cannot be compelled to handover sensitive information. If someone spots vulnerabilities and does not report them, they are liable to be punished.
  • This move is expected to protect the business interests of Chinese tech companies.
  • China conducts mass surveillance on digital platforms on a mammoth scale and strongarms companies to store data locally and wields the power to shutdown players that do not comply with their requests.

The Great Firewall of China is the combination of legislative actions and technologies enforced by the People’s Republic of China to regulate the Internet domestically. Its role in Internet censorship in China is to block access to selected foreign websites and to slow down cross-border internet traffic. The effect includes: limiting access to foreign information sources, blocking foreign internet tools (e.g. Google search, Facebook, Twitter, Wikipedia and others) and mobile apps, and requiring foreign companies to adapt to domestic regulations. Besides censorship, the GFW has also influenced the development of China’s internal internet economy by nurturing domestic companies and reducing the effectiveness of products from foreign internet companies. The Great Firewall is part of the Golden Shield Project. Since 2013, the firewall is technically operated by the Cyberspace Administration of China (CAC), which is the entity in charge of delining the Communist Party of China’s will into technical specifications. More Info

Government to Form Internet Misuse Framework

The internet has emerged as a potent tool to cause “unimaginable disruption” to democratic polity, the Ministry of Electronics and Information Technology told the SC, while seeking three months for finalising and notifying the rules that would regulate the functioning of social media intermediaries in the country. Though, expansion of internet has led to economic growth and societal development, there is also an exponential rise in hate speech, fake news and anti-national activities. A bench of justices Deepak Gupta and Surya Kant took the affidavit on record.

Crux of the Matter
  • The affidavit was filed in a transfer petition moved by Facebook seeking transfer of cases filed in three high courts, relating to linking of social media profiles with Aadhaar. SC had asked government to step in.
  • In reply to the petition the Information ministry asked for additional 3 months time to set up the required regulations and framework to effectively manage the problem keeping in mind the nation’s integrity and security.
  • Government has already initiated a wide-scale consultation process to revise the earlier rules with the participation and involvement of all the stakeholders. Ministry has also sought public opinion in this regard.
  • According to the affidavit filed by the ministry, an inter-ministerial consultation is also being planned so that effective, robust and comprehensive rules, covering all aspects of the matter, can be framed.

Internet censorship in India is done by both central and state governments. DNS filtering and educating service users in suggested usages is an active strategy and government policy to regulate and block access to Internet content on a large scale. Also measures for removing content at the request of content creators through court orders have become more common in recent years. Initiating a mass surveillance government project like Golden Shield Project is also an alternative discussed over the years by government bodies. More Info

India Set to Get World’s Biggest Facial Recognition Engine

The National Crime Records Bureau which reports to the Home Ministry is expected to procure the National Automated Facial Recognition System (AFRS) from third party vendors. This system is will boost the Police’s ability to nab criminals using AI.

Crux of the Matter
  • The National Crime Records Bureau (NCRB), asked for bids for the AFRS on July 8. The winner of the bid will be announced on November 8.
  • Ministry of Home Affairs, NCRB and state police forces would be the main beneficiaries.
  • In a trial run last year, Delhi police identified 3000 missing children using this technology.
  • Cyber law experts as well as industry leaders in the field including Microsoft and Amazon have raised concerns regarding the need to have clear regulations to prevent misuse of the technology and to respect the privacy of citizens.

Biometric Artificial Intelligence or facial recognition system is a technology capable of identifying a person from a digital image or video source. They work by comparing selected facial features from given image with faces within a database. Applications include advanced human-computer interaction, video surveillance, automatic indexing of images, and video database, among others. The leading face recognition software include Amazon Rekognition, Microsoft Face API, Google Cloud Vision and IBM Watson Visual Recognition, among others. Facial recognition has been made ubiquitous in China by AI startups like SenseTime, CloudWalk and Yitu. More Info