In the summer of 2016, WhatsApp made an unprecedented change. The Facebook-owned company turned on end-to-end encryption by default for all of the billion-plus people using it—becoming, in the process, the world’s largest encrypted messenger. Since then the number of people using it has swelled to more than 2 billion.
This story originally appeared on WIRED UK.
The radical shift means that nobody at Facebook is able to read, or mine data from, the content of the messages you send. The only things that can access them are the two phones—acting as end points in the encryption setup—where the app is installed. For the encryption protecting your messages to be decoded, both devices must verify and exchange security codes as messages are transferred.
The encryption that WhatsApp uses was originally developed by Open Whisper Systems, the group behind encrypted messaging app rival Signal. Even though WhatsApp’s end-to-end encryption does protect your communications—including files, images and calls—that doesn’t mean the service is as private as it could be by default. In fact, when it comes to WhatsApp versus Signal, we recommend the latter for people wanting the maximum security and privacy options.
However, with more than a third of the world using WhatsApp, its popularity is unrivaled, and you may not be able to drag all of your friends, family, and groups across to Signal. If that milestone is still some way off, here are some tips to make WhatsApp as private as possible.
Understand What WhatsApp Collects
WhatsApp says your phone number from WhatsApp, device information (including the type of phone, mobile country code, and operating system), and some of your usage information (when you last used WhatsApp, when you registered, and how often you message) are shared with other Facebook companies. Some of this data sharing has been controversial. In May 2017 the company was fined £94 million by the EU for combining WhatsApp phone numbers with Facebook data after it told regulators it couldn’t easily do so.
Any data sharing may come under further scrutiny in the future as Facebook looks to merge the infrastructure between WhatsApp, Facebook Messenger and Instagram’s messaging. However, it’s worth stressing that the content of the messages you send isn’t shared, as Facebook doesn’t have access to them due to WhatsApp’s end-to-end encryption.
On top of that, WhatsApp may also collect information about your phone’s battery level, signal strength, and mobile operator. Location information, when you turn it on, is also collected, and there are cookies that track your activity within the desktop and web versions of the app.
Turn Off Cloud Backups
WhatsApp allows you to back up your chats and data as a handy way to move all your information to a new phone—although this doesn’t actually work if you’re moving from iPhone to Android. These backups work by storing your data in Google Drive or Apple’s iCloud, depending on which operating system you use.