For Facebook, it has never been about the profit, but the users. The social network has spent more than $22 billion on acquisitions, which includes $19 billion on WhatsApp exclusively! That is 2000 times the annual revenue of WhatsApp! Other popular acquisitions include Instagram ($1 billion), Oculus ($ 2 billion) and Atlas ($100 million). With recent psychological experiments conducted by Facebook on its unsuspecting users coming to surface, it becomes imperative to understand how our information is being collected, stored or used. In this blog post, I have tried to analyze the privacy policies (before and after) of three of Facebook’s major acquisitions – Instagram, Moves and WhatsApp.
Acquiring WhatsApp – From selling food stamps and Facebook rejects, to Billionaires.
“Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible: You don’t have to give us your name and we don’t ask for your email address. We don’t know your birthday. We don’t know your home address. We don’t know where you work. We don’t know your likes, what you search for on the internet or collect your GPS location. None of that data has ever been collected and stored by WhatsApp, and we really have no plans to change that.” (March 17, 2014) – Jan Koum (Co-Founder, WhatsApp)
WhatsApp is a messaging application which allows us exchange messages without incurring any SMS costs. Since its inception in 2009 by Jan Koum and Brian Acton, the corporation has been at loggerheads with the idea of advertising on its platform. As an alternative, it charges its users a nominal subscription fee after the ‘try-out’ first year.
Facebook acquired WhatsApp in February, 2014 for a whopping $19 billion! The apparent justification for this acquisition is WhatsApp’s rapidly growing user base with over 600 million users in its first five years (faster than Facebook itself). As of now, there is no hardcore evidence to prove speculations about Facebook monetizing WhatsApp data for targeted advertising. In fact, Facebook has supported its independent operability and even included Jan Koum on its Board of Directors.
Recently, in November, 2014, WhatsApp updated its platform to include end-to-end data encryption, touted to be the ‘strongest security any major texting app has offered’, leaving behind giants like Microsoft and Google. This does seem like a welcome change. However, keeping in mind Facebook’s recent escapades of data mining and psychological experiments, one doesn’t have to think twice about what’s actually in store for the future!
This clause makes Facebook’s objectives crystal clear, i.e. data mining. But why is data mining disadvantageous? There are several privacy and security issues involved such as unethical collection or use of the information without the user’s consent. Taking this a step further, what happens when businesses with such vital information (for e.g. our behavioral trends) wither away? This information is eventually sold to someone else who might use it in any way it pleases.
Another problem here is that the policy doesn’t clearly specify how the Affiliates shall use the users’ information, apart from ‘improving Instagram’s services or their own services’. Moreover, the new policy provides that following deactivation of the account, the company’s Affiliates may ‘retain information and user content for a commercially reasonable time for backup, archival or audit purposes’. This is in violation of the National Privacy Principles which mandates destruction of the information and condemns broad responses. A brief analysis of the principles can be found here and here.
Under its old policy, Moves was bound to notify its users of any changes ‘through the service, by email, via our Twitter account or otherwise’. This time however, no such intimation through mails or via twitter was provided. Also, the only notice provided by Moves this time was, “We have updated our Terms and Privacy Policies. By continuing to use Moves, you agree to the updates.” No consent of the user had been taken, nor an appropriate notice been given. This is in clear violation of the National Privacy Principles. Rather, it posed a situation of ‘take it or leave it’ to the informed users, essentially making it a Standard Form Contract.
1) Facebook Acquires WhatsApp: Consequences for Service Users, by Serge Malenkovich, Kaspersky Lab Blog.