Facebook spying

Why WhatsApp new mandatory privacy policy will make Facebook even more creepy?

If you have been using WhatsApp lately, you will notice that this prompt will start popping up:

WhatsApp new terms and privacy policy prompt

Basically, you have until 8 February 2021 to accept WhatsApp’s new terms and privacy policy. If you refuse, then you will not be allowed to use WhatsApp. Your only recourse is to delete your WhatsApp account and delete the app.

Should you accept their new terms and privacy policy? I know, the path of least resistance is to accept them and continue using WhatsApp because everyone else is on WhatsApp. But you have to understand what is going to happen if you do so. There are some things in their new terms and privacy policy that bugs me.

What information does WhatsApp collect and share with Facebook?

When you use WhatsApp from 8th February 2021 onwards, all your personal information that WhatsApp collects will be cross-referenced with Facebook. Your personal information includes:

  1. Mobile phone number
  2. All the phone numbers in your address book
  3. Locations that you share with your WhatsApp contacts
  4. Transactions and payment data, which can include your shipping details

Make no mistake. Once you accept the new terms and privacy policy, Facebook will get all the phone numbers in your device’s address book.

Facebook’s People You May Know (PYMK) algorithm will get more powerful

We already know that Facebook’s PYMK algorithm is very creepy. As this article explained,

And the results of its People You May Know algorithm are anything but obvious. In the months I’ve been writing about PYMK, as Facebook calls it, I’ve heard more than a hundred bewildering anecdotes:

– A man who years ago donated sperm to a couple, secretly, so they could have a child—only to have Facebook recommend the child as a person he should know. He still knows the couple but is not friends with them on Facebook.

– A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.

– A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.

– An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”

When you sign up to Facebook, you may have given Facebook access to your Google account, which Facebook happily help themselves to your Google account’s contact list. Or you may have given the Facebook app access to your device’s address book. Not only have you done that, but your friends, colleagues, associates, acquaintances, clients may have done the same. When Facebook have access to everyone’s address book and cross-reference this information with one another, they can build up a very comprehensive and creepy map of who is associated with who.

Now, what if you let Facebook have access to all the phone numbers in your device? Then you can bet that their PYMK algorithm is going to get even more creepy. In fact, this is exactly what Facebook is going to do. This is what their new terms and privacy policy says (note what I have highlighted in bold):

How We Work With Other Facebook Companies

As part of the Facebook Companies, WhatsApp receives information from, and shares information with, the other Facebook Companies. We may use the information we receive from them, and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings, including the Facebook Company Products. This includes:

improving their services and your experiences using them, such as making suggestions for you (for example, of friends or group connections, or of interesting content), personalizing features and content, helping you complete purchases and transactions, and showing relevant offers and ads across the Facebook Company Products; and

Not only that, Facebook can work out who is associated with you through the WhatsApp group that you hang out in. You can bet that the location data that you have shared on WhatsApp will be fair game for Facebook to use.

Dobbing in other people’s privacy

The problem with letting Facebook access your device’s address book is that not only will your privacy be affected, but other people’s privacy may also be affected. For example, there is an anecdote that Facebook recommended two clients of a psychiatrist to one another even though they do not know each other. It turned out that Facebook worked out that since each of the two clients are separately associated with the psychiatrist (through their address book), and therefore, they may be associated with one another. By cross-referencing the address book of multiple people, Facebook can work out relationships and associations that you do not expect them to know.

Shadow profile

What if you don’t have a Facebook account? Or your mobile phone number is not saved in your Facebook profile?

Even in these situations, Facebook can still build a shadow profile of you. Even if you have not disclosed your mobile phone number to Facebook, they will eventually be able to work out the linkage between your mobile phone number and your Facebook profile. As I wrote in my book, Digital Security & Privacy for Dummies, businesses in your neighbourhood bricks and mortar store can provide Facebook with a crucial piece of information to link your mobile phone number with your Facebook profile. For example, have you ever filled in a lucky draw card that includes your email and mobile phone number? That is enough to tell Facebook to link a shadow profile to an existing Facebook profile.

So, if you agree to let WhatsApp share your personal information (which include your device’s address book) with Facebook, you will be helping Facebook unexpectedly deduce information about you and your associates that is not immediately obvious. Sometimes, it is not you who may suffer the consequences, but someone else because you have accidentally dob them in.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Discover more from iSecurityGuru

Subscribe now to keep reading and get access to the full archive.

Continue reading