This article is a preview of The Tech Friend newsletter. Sign up here to get it in your inbox every Tuesday and Friday.
Dueling privacy promises say a lot about the battle to stop companies from guzzling your personal information.
In commercials, WhatsApp says that you can “message privately” with its chat app. New Apple ads brag that an iPhone gives you control over who sees your health data.
Those two privacy promises are also blaring on side-by-side billboards in San Francisco, as spotted by my colleague Geoffrey A. Fowler.
WhatsApp and Apple are doing great things to defend your privacy. Each company also plays a role in compromising your personal information. I’ll explain and share recommendations for you to protect yourself better.
The existence of the WhatsApp and Apple marketing messages also shows you’re winning the fight for your privacy and security — in spirit, if not entirely in practice.
It used to be common to hear that only criminals and paranoiacs worried about digital privacy. Now giant companies know that we all care.
Your texts with your sister may not be top secret, but we deserve to know that the conversations we believe are private really are.
That’s what companies mean when they talk about end-to-end encryption, as WhatsApp has been doing in an advertising campaign for more than a year. Your messages are scrambled so that no one but you and the message recipients can read them. If hackers steal your messages, they’ll see gibberish.
WhatsApp is right to brag about its encryption. The app has made encryption available to billions of people.
But.
“It’s sadly important that we scratch the surface and understand what’s behind the slogan,” said Meredith Whittaker, the president of the Signal encrypted chat app.
The biggest problem with WhatsApp’s privacy pitch is that the app is owned by Meta, a company that many of you do not trust.
Yes, the contents of WhatsApp chats and calls are private, including from Meta itself. Other details are not.
When you use WhatsApp, Meta knows the phone numbers of you and your contacts on WhatsApp, how often you open the app, your approximate location and the battery level of your phone.
Meta says it doesn’t keep logs of whom you’re messaging or use contact information to tailor ads to you on Facebook or Instagram.
Privacy die-hards also ding WhatsApp for not encrypting “metadata”— details such as who you chatted with and how long your WhatsApp call lasted. As we learned from U.S. government databases of Americans’ calls and emails, metadata can be revealing. (Other companies, including Apple, also save metadata from your chat history.)
WhatsApp can still be a great choice.
The consumer privacy group the Electronic Frontier Foundation wrote a few years ago that WhatsApp and Signal are good private chat apps for most people. EFF said there’s no perfect chat app for everyone.
The EFF document is somewhat out of date but worth reading.
If you don’t trust WhatsApp, you can use Signal if your contacts agree to use the app, too. You can also set WhatsApp or Signal messages to automatically delete in a day or a week.
You may also want to evaluate how your phone saves copies of your WhatsApp messages.
WhatsApp doesn’t automatically encrypt backup copies of your chat history. That makes it easier to transfer your chats when you buy a new phone, but those backups can be a privacy vulnerability.
Read more:
How to keep your text messages as private as possible
Should you turn on encrypted backups for Apple Messages and iCloud?
Apple’s newest marketing focuses on its Health app. That’s where your iPhone saves information like how long you slept yesterday, the number of steps you walked and whether you took your cholesterol pill. This week, Apple said it will add more health features, including an option to log your emotions.
Apple’s commercials are right that the company’s devices minimize the information they collect about you. Apple also encrypts your health information in its own apps and services. All good.
Apple also says it pays closer attention if any app on your phone wants to access information from your Health files. Apps must pledge not to sell your health information to data brokers or use the information to target ads. It’s not clear how Apple verifies those app promises.
But Apple is also complicit in the data harvesting economy, including for your sensitive health data. (Google is, too.)
Apple turns a blind eye to many of the naughty habits of apps. Apple doesn’t really stand in the way if the app you use to research your child’s rash sells that information to an advertising middleman or if a coupon app that has permission to follow your location then passes on information about people who visited abortion clinics.
Apple said that when the company finds apps breaking its rules, it works with app makers to resolve the problem. Apple also said it may ban repeat offenders from its app store.
I’m not saying Apple has a good alternative. We might not want Apple to be the all-knowing cop of app data practices. Still, it’s not entirely true when Apple says that health information on your iPhone is fully private and in your control.
Unfortunately, your individual power is limited. Your best protection is paranoia. Don’t trust that an app on your phone is keeping your information private.
Don’t believe that if an app is health-related, you are legally protected by American health privacy laws. You probably aren’t.
Andrew Crawford, the senior policy counsel for the Center for Democracy & Technology, recommended going through your phone’s settings to make sure you feel okay about the apps that log everywhere you roam. (Here’s how to review app location permissions on an iPhone and on an Android device.)
If a coupon app wants your location data and you can’t imagine why, say no. Or that might be a sign that this app shouldn’t be on your phone at all.
If one app knows your location, it might pass it on to other companies or government agencies without your explicit consent or knowledge. That’s how a Catholic group bought records to identity a priest who went to gay bars.
Crawford also suggested that if you’re going to sensitive locations such as health clinics for depression treatment or an abortion, you may want to consider leaving your phone at home. This is not a sensible choice for everyone.
Read more:
Where HIPAA protects you and doesn’t (Consumer Reports)
I checked Apple’s privacy ‘nutrition labels.’ Many were false.
Help Desk is a destination built for readers looking to better understand and take control of the technology used in everyday life.
Take control: Sign up for The Tech Friend newsletter to get straight talk and advice on how to make your tech a force for good.
Tech tips to make your life easier: 10 tips and tricks to customize iOS 16 | 5 tips to make your gadget batteries last longer | How to get back control of a hacked social media account | How to avoid falling for and spreading misinformation online
Data and Privacy: A guide to every privacy setting you should change now. We have gone through the settings for the most popular (and problematic) services to give you recommendations. Google | Amazon | Facebook | Venmo | Apple | Android
Ask a question: Send the Help Desk your personal technology questions.
