Skip to content

How to Boost WhatsApp’s Privacy and Better Protect Your Data

In the summer of 2016, WhatsApp made an unprecedented change. The Facebook-owned company turned on end-to-end encryption by default for all of the billion-plus people using it—becoming, in the process, the world’s largest encrypted messenger. Since then the number of people using it has swelled to more than 2 billion.


This story originally appeared on WIRED UK.

The radical shift means that nobody at Facebook is able to read, or mine data from, the content of the messages you send. The only things that can access them are the two phones—acting as end points in the encryption setup—where the app is installed. For the encryption protecting your messages to be decoded, both devices must verify and exchange security codes as messages are transferred.

The encryption that WhatsApp uses was originally developed by Open Whisper Systems, the group behind encrypted messaging app rival Signal. Even though WhatsApp’s end-to-end encryption does protect your communications—including files, images and calls—that doesn’t mean the service is as private as it could be by default. In fact, when it comes to WhatsApp versus Signal, we recommend the latter for people wanting the maximum security and privacy options.

However, with more than a third of the world using WhatsApp, its popularity is unrivaled, and you may not be able to drag all of your friends, family, and groups across to Signal. If that milestone is still some way off, here are some tips to make WhatsApp as private as possible.

Understand What WhatsApp Collects

WhatsApp can collect a lot more information about you than you might think. Much of what it collects is similar to any other app and can be found in its privacy policy. But the app is also part of Facebook’s machine, and this information can be combined with other data you give Facebook, through the social network but also its other products, including Instagram.

WhatsApp says your phone number from WhatsApp, device information (including the type of phone, mobile country code, and operating system), and some of your usage information (when you last used WhatsApp, when you registered, and how often you message) are shared with other Facebook companies. Some of this data sharing has been controversial. In May 2017 the company was fined £94 million by the EU for combining WhatsApp phone numbers with Facebook data after it told regulators it couldn’t easily do so.

Any data sharing may come under further scrutiny in the future as Facebook looks to merge the infrastructure between WhatsApp, Facebook Messenger and Instagram’s messaging. However, it’s worth stressing that the content of the messages you send isn’t shared, as Facebook doesn’t have access to them due to WhatsApp’s end-to-end encryption.

WhatsApp collects more information about you than it shares with Facebook. Most of this is metadata, which can be revealing about user behavior. The company’s privacy policy says it gathers information about how you interact with others on its services (the time, frequency, and duration of interactions with others), some diagnostic information about when the app crashes, and other information such as any statuses you set, group features, your profile photo, and when you’re online.

On top of that, WhatsApp may also collect information about your phone’s battery level, signal strength, and mobile operator. Location information, when you turn it on, is also collected, and there are cookies that track your activity within the desktop and web versions of the app.

Turn Off Cloud Backups

WhatsApp allows you to back up your chats and data as a handy way to move all your information to a new phone—although this doesn’t actually work if you’re moving from iPhone to Android. These backups work by storing your data in Google Drive or Apple’s iCloud, depending on which operating system you use.