Few debates rage more fiercely in the social media world than the one around user privacy. While that subject is obviously fraught on a larger scale, companies in the social network sphere are some of the first to be cited for lacking privacy standards. Facebook receives ongoing flack for its sub-par privacy parameters, which, granted, the company has worked to change over the years. Recently, Snapchat — the “disappearing photo” application — has come under fire for misleading users as to how their data is stored, and for user photos leaking to other sources (although the company affirms that the leaks have been a product of third-party app usage). Those companies that base their business models on the concept of anonymity are under even greater scrutiny. Case in point: the recent hubbub over how anonymous mobile app Whisper actually is, after a series of pieces from The Guardian exposed the messaging app’s not-so-private practices.
Whisper’s premise is anonymous messaging, and it has become famous for the secret-sharing environment it encourages. Users can “admit” things without their identities attached to the posts, and the app has garnered billions of monthly page views. But when The Guardian published a piece on how Whisper is actually tracking users’ geolocations — despite some of them having denied the app access to their locales — a firestorm erupted. The issue has now drawn attention from the U.S. government.
1. Whether and how WhisperText tracks or has tracked the location of its users who have opted out of geolocation services, and if it has, how does it or has it used that information;
2. The extent to which WhisperText retains user data and the location(s) where user data is processed and retained;
3. WhisperText’s practices regarding sharing user data with third parties, including when and how those practices have changed over time; and
4. WhisperText’s practices regarding notifying users about its privacy and data security policies related to user data, including any changes to those policies.
How Whisper will respond, and what will come from the company’s admissions, will be something to watch for over the next couple of months. This will certainly not be the last case of a social network boasting privacy and being cited for violating it.