Which user of WhatsApp he never wondered if someone outside the conversation read or listened to our messages. The privacy and transparency in the handling of our data was always at the center of the controversy, and much more now, as a result of the latest Facebook initiative that promises to get more involved in chats.
The messaging service made it clear that no one other than the chat members can see the messages. However, when a conversation is reported, Facebook may receive some messages to examine.
Now, due to a report from the independent news agency ProPublica, the subject returned to bring new doubts and uncertainty.
How End-to-End Encryption Works
In the report they explained that WhatsApp has more than 1,000 workers hired in office buildings in Austin (Texas), Dublin and Singapore who are engaged in review millions of user content.
The messages they examine are, those who were reported by WhatsApp users as inappropriate, which are then inspected by an artificial intelligence system. The people who analyze the messages treat all kinds of reported content, such as fraud, spam, child pornography and even terrorism “usually in less than a minute.”
As explained by the courier company, the security function that protects communications with the same encryption protocol as Signal. This is responsible for ensuring that, in case the messages are intercepted, they cannot be read and the cybercriminal encounters nonsense characters.
Encrypted WhatsApp messages. Photo: Shutterstock
This is because the end-to-end encryption of WhatsApp, like that of many other applications, relies on the use of unique and individual keys. These are necessary to decrypt the content of the messages.
Being stored only on your phone and that of the person with whom you have a conversation, no one else, not even Facebook itself, can access them.
However, successive controversies around privacy and data sharing involving WhatsApp encouraged them to make this end-to-end encryption feature even more transparent.
The end-to-end encryption of WhatsApp.
In this sense, when you click on the name of the contact in any of your chats and then on the “Encryption” option, a QR code will appear on the screen that will allow you to verify if the public keys of the security mechanism match.
Facebook can read your messages
Beyond the technical framework behind the conversations on WhatsApp, users demonstrated against the “contact report” function, which allows to report a problematic conversation so that measures are taken against the user if the company detects that they have violated its conditions of service.
In this sense, WhatsApp acknowledged that when reporting a conversation, the company receives “the most recent messages sent by the reported user or group, as well as information about their recent interactions” in order to generate a behavior report on the 5 latest messages, as published by the site WABetainfo.
When a specific conversation is reported, the system forwards the latest messages to the company’s moderators and, in this case, a new connection is generated with them that includes new encryption and decryption keys. In short, Facebook are not directly accessing your messages.
Million dollar fine against WhatsApp in Turkey
The Turkish Personal Data Protection Board (KVKK) on Friday imposed a fine of 1.95 million Turkish lira ($ 235,000) on WhatsApp for not sufficiently protect the data of its users.
In a statement, the KVKK recalled that WhatsApp had introduced modifications that allow it to use more personal data with the express consent of users, but that if they refuse to give their consent, they are removed from service.
According to the regulatory body, subjecting the application services to the prior condition of explicit consent is contrary to the personal data protection law in Turkey.
The conditions of service of WhatsApp, a company owned by Facebook, are presented in a “non-negotiable manner,” the KVKK was quoted as saying by the daily Sabah.
With this, the interested parties are forced to give their consent to the contract as a whole, “thus trying to exclude express consent“he added.
These practices violate the principle of “compliance with the law and standards of honesty”, the Turkish authority continued when justifying the fine imposed.
This fine in Turkey was announced one day after the Irish Data Protection Commission (DPC), the main regulator in the field of privacy in the European Union (EU), reported that it had fined WhatsApp Ireland 225 million euros for violating data protection regulations.