In a recent Blogpost, Jan Koum explains why we should believe that nothing will change for WhatsApp and why we should still entrust them with our communication.
He tells us about his past in the Ukraine of the 80s, how you did not talk about certain topics on the phone, because you never new who was listening.
One of my strongest memories from that time is a phrase I’d frequently hear when my mother was talking on the phone: “This is not a phone conversation; I’ll tell you in person.” The fact that we couldn’t speak freely without the fear that our communications would be monitored by KGB is in part why we moved to the United States when I was a teenager.
Sounds good. But the bad news is this: The Snowden leaks tell us, that if your conversation is not encypted in a very strong fashion, and if it goes over the internet, there will be someone listening.
And as we all have heard about national security letters it is no secret, that any data stored on a server of a company sitting within the United States can be handed over to investigative services. Please do not misunderstand me, this not something the companies might want to do, they have to. They have no choice. But it means that if the company has access to the unencypted content, then the various governmental services have access to it in one way or the other. So this is a situation not really that much better than the one he remembered. Especially as several cases like these twitter jokes and similar stuff raise the question what is „harmless“ and what is „illegal“.
But the story does not end there: WhatsApp had severe security issues from the start, collected the whole Adressbook instead of e.g. only the phone numbers and so on. So when Jan Koum says
Respect for your privacy is coded into our DNA, and we built WhatsApp around the goal of knowing as little about you as possible
it sounds to me like a bad joke.
If they fix their security and data protection issues, if they make the app open source and if they implement true end to end encryption, then I might trust them again, even if they are part of facebook.
Until then, I cannot trust WhatsApp any more. And I will be using other services, that provide the necessary measurements to earn my trust.