In today’s edition of “Data Rights”, it was decided to bring and review information from the official sources of Telegram and WhatsApp, as the most well-known and discussed applications in the media messaging services industry, with individual experience and history for everyone.
Based on the text given in both sources, two multi-million dollar industry giants concentrate on protecting user-data. Guaranteeing this only with quiet statements, unfortunately, for 9 and 5 years of work, neither side published the full source-code of the network, continuing to insist on its advantages over the rest without any real confirmation.
During disputes and contradictory unilateral dialogues, let’s assess which scenarios are given in their privacy policies and what kind of danger they present to our data.
“Telegram is an open-source project. Anyone can study our API, Protocol and Source Code and make an informed decision.”
Telegrams never had fully open-source code. In addition to the elementary lack of publication of the data storage code, the server part, the internal message processing code, the representatives’ statements about the full end-to-end encryption for each sent symbol, the public has also had questions about the difference between simple messages from “encrypted chats”.
“We store messages, photos, videos and documents from your cloud chats.”
“Telegram uses phone numbers as unique identifiers. We ask your permission before syncing your contacts.”
“Telegram only stores the data it needs to function properly.”
No information given on what data Telegram needs to function properly.
“We process your personal data on the ground that such processing is necessary to further our legitimate interests (…)”
“To make it easier for your contacts and other people to reach you and recognize who you are, the screen name you choose, your profile pictures, and your username on Telegram are always public.”
“Note that users who have you in their contacts will see you by the name they saved and not by your screen name.”
Recently we wrote how thanks to this function you can also get the mobile number of almost any user through the official application — Telegram’s Anonymity Hole: How to get any user’s phone number
“(…) we may collect metadata such as your IP address, devices and Telegram apps you’ve used, history of username changes, etc. “
“(…) our moderators may check messages that were reported to them by their recipients.”
“We may also use automated algorithms to analyze messages in cloud chats to stop spam and phishing.”
“We may also store some aggregated metadata to create Telegram features that work across all your devices.”
This is the most important part—Telegram has access to your messages, and they decide how to use it, including automatic and manual check.
“If Telegram receives a court order that confirms you’re a terror suspect, we may disclose your IP address and phone number to the relevant authorities.”
When receiving a document of legal structures with the recognition of a person as a terrorist, the telegram can transmit the IP address of its device and the phone number. Most likely, the sim-operator will be further requested to provide access to phone number — more new opportunities and privileges for state bodies.
In 2014, the WhatsApp messenger passed into the possession of Facebook Inc., after which many decided to “mix” their reputation and domestic policy. Nevertheless, we considered it right to disassemble the officially proposed facts, despite the conditional “lack of meaning” and “complete dependence” on the FCB.
In the first line you can smell the “blue” social network:
“WhatsApp must receive or collect some information to operate, provide, improve, understand, customize, support, and market our Services.”
The need for data collection also came to the messenger’s public house, without giving a real argument, at least somehow justifying the need for such actions.
“You provide your mobile phone number and basic information (including a profile name).”
“You provide us, all in accordance with applicable laws, the phone numbers in your mobile address book on a regular basis, including those of both the users of our Services and your other contacts. You may provide us an email address.”
“If a message cannot be delivered immediately, we may keep it on our servers for up to 30 days as we try to deliver it.”
“We may retain that content on our servers for a longer period of time.”
“We collect information about your activity on our Services.
“We collect device and connection-specific information when you install, access, or use our Services.” (Hardware model, operating system information, battery level, signal strength, app version, browser information, mobile network, connection information including phone number, mobile operator or ISP, language and time zone, IP, device operations information, device identifiers).
“We collect device location information.” (including IP, GPS, Bluetooth signals, information about nearby Wi-Fi access points, beacons, cell towers)
“We receive information about you from other users and businesses.”
“A business on WhatsApp may also use another company to assist it in storing, reading, and responding to your messages on behalf of and in support of that business.”
“We work with third-party service providers and the Facebook Companies”
“We collect, use, preserve, and share your information if we have a good-faith belief that it is reasonably necessary.”
Legal resources of the aforementioned companies often publish similar identical texts & documents, using legal jargon as they connote the same beliefs.
Save your data!