WhatsApp is popular: around 2 billion people around the world use Messenger. Alternatives such as Telegram or Threema have significantly more potential, but came too late: WhatsApp has now established itself as a quasi-successor to the good, old SMS. Basically there is nothing wrong with this, but users should take a look at the data protection issue from time to time before or during use.
What data does WhatsApp transfer?
Basically: WhatsApp stores data that users entrust to the service. In addition to the chats themselves, these include photos, videos and, of course, profile data such as the profile picture and the content specified there. Photos and videos are only cached for a short time, however, and the content is saved anyway: According to its own information, WhatsApp completed the rollout of the so-called end-to-end encryption according to the AES-256 standard in 2016, which can be done with new versions without additional activation the app works. The service promises that “nobody, not even us, has access to the conversations.” In other words: WhatsApp messages, group chats and phone calls are stored on WhatsApp, but cannot be seen there.The route between the cell phone and the person you are talking to via the WhatsApp server should also be secured in this way.
Check whether a chat is encrypted
In rare cases, chats may not be encrypted. For example, if one of the participants is using a very old WhatsApp version, for example because they are using a very old Android cell phone or have not updated their apps for years. To check whether a chat is encrypted, you can do the following:
1st step:
Open the chat in WhatsApp.
2nd step:
At the top, tap the name of the chat or contact.
3rd step:
You will see some group or chat information, including " Encryption ". If you tap this point, you can see whether the chat is encrypted.
WhatsApp still remains a data collector.
Unfortunately, the focus on end-to-end encryption is also a bombshell: WhatsApp cannot track the content of chats and conversations, and WhatsApp does not seem to have an “NSA backdoor” either . However, this does not mean that WhatsApp does not collect any data: Everything that is not covered by end-to-end encryption is definitely transmitted to the operator's server, including location and participant information such as phone number or profile data such as the profile picture or the information provided there. In addition, there is the information from the address book, which is essential for the meaningful operation of WhatsApp, but also causes problems with the GDPR..
Adjust the privacy settings of WhatsApp
WhatsApp also hurls data towards other users. It doesn't have to be: The settings can be easily adjusted:
1st step:
Open the WhatsApp settings .
2nd step:
Select " Account " and tap on " Privacy ".
3rd step:
Deactivate " Live location " and set all other items such as " Last seen " or " Info " to " My contacts " or even to " Nobody ".
4th step:
If necessary, deactivate the read receipts.
Chat backups in the cloud are a privacy leak
What is really annoying, however, is that WhatsApp does not encrypt its cloud backup. That means: If you use the practical backup function of the app, you save the chat data in plain text on Google (Android) or Apple (iOS) - and thus hand them over. However, this only plays a subordinate role: The NSA scandal showed that the big tech companies in the past worked together with the American domestic intelligence service, even when allegedly only "non-US citizens" were monitored. The Prism program is still active, which is why the US investigative authorities still have access to data from Apple, Google and Co. This would also affect users if the backups were directly on WhatsApp,because all these services are native to the USA and are therefore potentially the target of secret service activities by the invading US secret services.
Backup only as secure as cloud
storage.But that is not the only problem: WhatsApp would only be really safe from governments - just like other messengers, social media and cloud services - if they really encrypted all content automatically and without back doors . Of course, this also applies to the backups. WhatsApp is outsourcing the problem to Google and Apple, and even if these services attach great importance to encryption and security of the cloud, the NSA scandal leaves a taste. Therefore, it makes sense to completely deactivate the WhatsApp backups - and only to do manual backups when necessary, for example when the mobile phone is to be moved:
1st step:
Open the WhatsApp settings and select " Chats ".
2nd step:
Tap Chat Backup .
3rd step:
Set the point " Automatic backups " to " Off "
4th step:
To create a backup manually if necessary, for example when moving your mobile phone, tap on " Create backup now ". This is then saved again by the cloud service provider
Backing up the backup on Android devices manually
As an alternative to the backup in Google Drive, you have the option of manually backing up a local backup on Android devices .
- To do this, open WhatsApp, go to settings, then " Chats " and " Chat backup ".
- Tap " Back up to Google Drive " and select " Never ".
- Then tap on " Save ". A backup of your chats will now be created and saved locally on your Android phone.
- Connect your phone to a computer and open it in Windows Explorer. Open the directory " Phone "> " WhatsApp "> " Databases " and copy the file " msgstore.db " to your computer.
Note that the backup is not encrypted and can theoretically be opened by third parties. So save the file in a place where you are safe from virus attacks, for example..
Create a data extract
To get an overview of which data is stored on WhatsApp, you can also request a data extract. WhatsApp takes up to three days to create this, after which you will receive a report of the account information. To do this, open the WhatsApp settings and select " Account ". Then tap on “ Request account info ” and select “ Request report ”. This is then generated and sent via WhatsApp.
Note: The WhatsApp version used in the post is 2.20.27.
