The Information Regulator has now stepped in and demanded that Facebook offer South African users the same terms and conditions being offered to users in the European Union.
The regulator said South Africa’s Protection of Personal Information Act (Popia) has created a privacy regime in the country that is “very similar” to the EU’s and “therefore believes that WhatsApp should adopt the EU policy in South Africa, and other countries in the global south that have similar regimes”.
“The regulator remains of the view that despite WhatsApp operating in different legal and regulatory environments, there are effectively two privacy policies,” it said, one for users living in Europe and another for those outside Europe.
“Given Facebook’s status as one of the world’s largest companies, the regulator is of the view that it should work together with other organisations to hold Facebook accountable,” it said.
It has engaged with the Global Privacy Assembly, of which it is a member, to obtain the view or position of the organisations on the revised Ts&Cs. It has also asked the portfolio committee on justice & correctional services to request Facebook South Africa and WhatsApp to appear in parliament to answer questions on the matter.
South Africans over the age of 60 and healthcare workers can now register for a Covid-19 vaccine through WhatsApp or a USSD code at no cost.
As the second phase of the Covid-19 vaccine rollout is expected to kick off next Monday(17 May), the service is only open for people over the age of 60 as well as healthcare workers which have not been vaccinated through the Sisonke protocol.
With a population of over 700, 000 the Western Cape has seen less than a quarter;181,000 people registered for the vaccine since 16 April 2021.
“We are going on an extra drive to encourage people to be registered on the system. We want to increase the numbers over the coming weeks and this will enable those who don’t have access to the internet to register,” said Western Cape Head of Health Dr. Keith Cloete.
How to access the services:
No ID number
The process is similar to the Electronic Vaccination Data System (EVDS) Self Registration Portal which was set up as a website by the government.
Meanwhile, Health Minister Zweli Mkhize said officials were ready to give the registered elderly their jabs and the second phase of the vaccine rollout program will go ahead as planned.
Fears about the forthcoming changes may have been premature, though a local ruling may stop WhatsApp from going ahead with its proposed changes.
The contentious change to Whatsapp’s terms of service would allow Whatsapp, which Facebook inc owns, to share some information from your WhatsApp profile and usage with its parent company and its subsidiaries like Instagram.
However, South Africa’s Information regulator has now made itself heard on the matter stating that Whatsapp could not share user’s contact information with Facebook Inc. without the regulator’s permission. The Information Regulator of South Africa said:
“WhatsApp cannot without obtaining prior authorisation from the IR process any contact information of its users for a purpose other than the one for which the number was specifically intended at collection, with the aim of linking that information jointly with information processed by other Facebook companies”.
This is in line with the Protection of Personal Information Act which was put in place to protect South Africans by limiting which information can be collected by companies and how that information is stored and used.
Chairperson of the IR, Pansy Tlakula, said their “legislation is very similar to that of the EU. It was based on that model deliberately, as it provides a significantly better model for the protection of personal information than that in other jurisdictions.”
“We do not understand why Facebook has adopted this differentiation between Europe and Africa.”
If nothing else, though, the proposed changes to Whatsapp’s policies have resulted in a lot more public awareness about their relationship with technology. The number of users who have started looking at Whatsapp’s alternatives is a sign that consumers are tired of giving up their data in exchange for services.
Whether this exodus is the beginning of the end for Whatsapp or a new beginning where Facebook inc, starts looking to in-app adverts to try and monetise their ubiquitous messaging service will become more apparent in the coming months.
“We’ve spent the last several weeks reviewing feedback from users and we spent time (virtually) with people from many countries,” WhatsApp said. “This was a great opportunity for us to hear about people’s concerns and learn what we could have done better.”
The company once again stressed the fact that WhatsApp and Facebook cannot read or listen to personal conversations as they are end-to-end encrypted.
“Since January, we built a way to communicate these points directly in WhatsApp through our Status feature so that over two billion users can hear the facts from us,” WhatsApp said.
“We are making it clear that this update does not change the privacy of people’s personal conversations,” WhatsApp said.
“This is about optional business features that are a part of our broader efforts to make communicating with a business secure, better, and easier for everyone.”
Telegram quickly reacted by acknowledging the surge of new users moving over from WhatsApp and introducing a tool to import all your WhatsApp chats to its platform. WhatsApp however has now highlighted that apps like Telegram which do not offer end-to-end encryption by default offer less privacy to its users.
“During this time, we understand some people may check out other apps to see what they have to offer,” WhatsApp said.
“We’ve seen some of our competitors try to get away with claiming they can’t see people’s messages – if an app doesn’t offer end-to-end encryption by default that means they can read your messages.”
“Other apps say they’re better because they know even less information than WhatsApp,” WhatsApp said.
WhatsApp believes people want messaging apps to be reliable and safe, even if that requires WhatsApp to access limited user data.
“We deeply appreciate everyone who has helped us address concerns and remain available to answer any questions. We haven’t stopped building for 2021 and can’t wait to share more in the weeks and months ahead.”
“We’ve heard from so many people how much confusion there is around our recent update,” the company wrote Friday in a blog post. “There’s been a lot of misinformation causing concern and we want to help everyone understand our principles and the facts.”
WhatsApp had asked users to agree to the new policy by Feb. 8, but has pushed that deadline to May 15 while it further explains the changes.
WhatsApp is end-to-end encrypted, meaning only a message’s sender and recipient can read it, and those messages are not stored on Facebook servers.
Facebook has said that it will not access those messages for any type of ad targeting, but language in the updated terms of service concerned many users who worried that Facebook would suddenly see their private messages.
WhatsApp said that isn’t true, and that all private messages between friends and family members will remain end-to-end encrypted.
“While not everyone shops with a business on WhatsApp today, we think that more people will choose to do so in the future and it’s important people are aware of these services,” the company wrote. “This update does not expand our ability to share data with Facebook.”
The miscommunication has highlighted Facebook’s challenge in convincing users that the company takes their privacy seriously.
Much of the language in the new updated policy is similar to rules rolled out in 2016, but Facebook has dealt with multiple privacy issues since then, including a $5 billion settlement with the Federal Trade Commission.
Facebook Chief Executive Officer Mark Zuckerberg has made private messaging a top priority moving forward, but that has also meant bringing WhatsApp further under Facebook’s control, both operationally and from a brand and marketing perspective.
WhatsApp’s new terms update is a big concern for a lot of people. A lot of WhatsApp users moved over to Telegram. Telegram surpassed 500 million active users today. In the past 72 hours alone, more than 25 million people joined Telegram.
“The content of your messages is not something to be concerned about unless if you’re involved in criminal activity.
“Broadly speaking, the content of any WhatsApp message is encrypted and cannot be read by anyone else. But we do have the right to be concerned about the extent of information that is now being put together in order for advertisers to target us.”
And, while some have already moved on to alternative Apps such as Telegram or Signal, Goldstuck said if you were able to persuade people you knew to make the move, it made sense to leave WhatsApp completely. If not and you lost your contacts, it didn’t make sense.
“Signal and Telegram are definitely a lot safer than WhatsApp in terms of the information they collect and even in terms of security. Telegram is the best-known. The reason why the apps owned by Google are so intrusive is that they are providing it to you for free.”
He added that Facebook had made a comment that it’s about business use of WhatsApp, but he questioned how people knew when they’re engaging with business and when you were not.
Some WhatsApp users had mixed reactions. “If you really want to get off-grid and keep your things private, don’t own a smartphone,” one user said.
Another said: “I would leave WhatsApp but at the same time, I need WhatsApp.”
In this article, we will compare these three instant messengers on a number of fronts: security, features, and ownership. What you will get and lose by choosing one of these messengers over the others, so you can make a well educated choice about which app you want to use.
Security is the most debatable and contentious topic among the three messaging services.
One thing that WhatsApp definitely has going for it is its end-to-end encryption. Plus, E2E on WhatsApp is available on every single mode of communication that the app enables. So all your messages, video calls, voice calls, photos, and anything else you share is end-to-end encrypted on WhatsApp.
What that means, is that you and the recipient are the only people who can read the messages you send to them. WhatsApp can’t decrypt the contents of your messages, calls, photos, etc, thus ensuring your security and privacy.
It is noteworthy that WhatsApp uses the E2E protocol developed by Open Whisper Systems, which is the name behind Signal messenger. That’s a good thing, because the Signal protocol is open source, widely peer-reviewed, and is generally considered one of the best protocols for implementing end-to-end encryption in messaging platforms.
It’s also noteworthy that even though all your communication on WhatsApp uses E2E encryption, the company does not encrypt backups (cloud and local). Also, it does not encrypt the metadata which is used to carry communication between two endpoints. This is one of the major criticisms of WhatsApp’s security model. While metadata does not allow anyone to read your messages, it lets authorities know whom and when you messaged someone, and for how long.
But that’s on the back-end. What about security features on the user-facing side of WhatsApp. Well, WhatsApp offers a built-in app lock feature on both the Android and iOS apps, so you can lock your WhatsApp chats with biometrics. Moreover, you get support for two factor authentication (2FA) on the app, which is great for security as well.
Overall, WhatsApp does a pretty solid job of ensuring security for its users. That said, WhatsApp has suffered a couple of major privacy nightmares, especially the recent issue with group chats getting indexed on Google search. That issue has been fixed, however, it was not a good look for the messaging app.
As far as security is concerned, Telegram does offer some protections to its users. However, there are multiple pain points in the way Telegram encrypts your messages and other information. For one, while Telegram supports E2E encryption, it’s not enabled by default. The only way to use E2E encryption on Telegram is to use its secret chats feature.
Messages sent in a secret chat are E2E encrypted, which is nice, but regular chats are not. This means that the messages are encrypted on your device and then they are decrypted on Telegram’s server. Again, the messages are encrypted on the server and sent to the recipient’s device for final decryption. As you can see, in this process, Telegram has the encryption keys on the server-side and can, in theory, access your normal chats.
Telegram states that it manages its message storage and decryption keys in a way that one would require court orders from multiple legal systems around the world to be able to access any of your data. In fact, the company says that it has shared 0 bytes of data with third-parties and governments to this date.
Even if you’re using secret chats, Telegram uses its own proprietary encryption protocol, MTProto, to encrypt your messages. This may very well be fine, but since its a closed-source protocol, security researchers can’t verify it. As such, security researchers believe that using an open-source and widely trusted protocol such as the Signal protocol would have been better than using a proprietary closed-source encryption protocol in Telegram.
On the user-facing side of things, Telegram, like WhatsApp, also offers a built in app lock. However, end-to-end encryption is incredibly scarce in the app. Telegram groups are not encrypted because Secret Chats are only supported for single-user communication. Moreover, Telegram’s desktop client doesn’t support E2E encryption on any platform other than macOS.
Telegram’s security isn’t nearly as robust as WhatsApp’s or Signal Messenger’s.
Signal is by far the best when it comes to security, be it on the back-end or on the user-facing side of the service.
As mentioned above, Signal uses the open-source Signal Protocol to implement end-to-end encryption. And just like WhatsApp, the E2E encryption covers all forms of communication on Signal.
While WhatsApp encrypts messages and calls (and that’s enough for most users), Signal goes one step further and encrypts the metadata too. In order to protect user privacy from all corners, Signal devised a new way to communicate between the sender and the recipient and it’s called Sealed Sender. Basically, with Sealed Sender, no one will be able to know — not even Signal — who is messaging whom, which is amazing.
In addition, you have some incredible privacy features on Signal that is going to make your messaging experience even more private and secure. For instance, you can lock Signal with a passcode or biometrics. Then there is 2FA and an option to block screenshots within the app and the recent screen. And recently Signal added a new feature to blur faces automatically before sending images.
Not to mention, Signal by default encrypts all the local files with a 4-digit passcode. And if you want to create an encrypted local backup then you can do that as well. The app now also supports encrypted group calls.
There was recently some reporting about Cellebrite cracking Signal’s security. However, Signal has since debunked that news and you can read more about it here. All in all, in terms of security and privacy protection, Signal stands head and shoulder above WhatsApp and Telegram and that make it the most secure messaging app between the three.
For the most part, WhatsApp offers almost every feature you might need. You get support for group chats with up to 256 members. You can also broadcast messages to multiple contacts at the same time.
There’s also support for voice and video calls, both for individual users and groups. However, for group video calls, you are restricted to 8 users at any time.
Apart from that, WhatsApp offers a distinct feature that neither Telegram offers nor Signal. WhatsApp Status (also called Stories). Users love this feature as they are able to express their thoughts and feelings to their closed ones. In a way, this makes WhatsApp a social media platform, and not just a messaging service.
You can also share all sorts of files on WhatsApp, but there are file size limits to adhere to. For photos, videos, and audio files, the limit is 16 MB. However, documents can be up to 100 MB. You can also share live location with your contacts.
And since WhatsApp is meant for general users, it offers seamless backup and restore functionality through cloud services like Google Drive and iCloud. And the best part is that cloud backup is completely free. Not to mention, WhatsApp now also supports dark mode.
While WhatsApp offers most of the features you’d need, Telegram is basically overloaded with features. Similar to WhatsApp, you get the basics such as chats, group chats and channels. However, unlike WhatsApp’s 256 member limit, Telegram brings support for groups with up to 200,000 members.
It also offers multiple group-specific features such as bots, polls, quizzes, hashtags and a lot more which can make group experiences a lot more fun.
The app also offers unique features such as a self-destructing messages feature which is great if you’re sending messages that you don’t want to remain on the recipient’s device for eternity. You also get support for editing sent messages, along with features like message scheduling, sharing uncompressed media, themes, and a lot more.
Telegram also offers incredible granular support over notifications you receive from the app. Plus, the size limit for sharing files on Telegram is a whopping 1.5 GB.
Up until a while ago, Telegram didn’t offer video calls. However, the app now supports both voice and video calls on Android and iOS devices, which is great because video call support was a big omission from the app.
While Signal beats Telegram and WhatsApp handily when it comes to security, it falls short on the features it offers.
You have secure messaging, voice, and video calls and all communications are end-to-end encrypted. Further, you can create groups, however, you don’t have the option to broadcast messages to multiple contacts at once. Plus, Signal has recently added support for group calling as well, something that was missing from the app for a long time.
You have features such as disappearing messages similar to self-destructing messages of Telegram, and the ability to send a one-time viewable image. Unlike WhatsApp, you don’t have to create a single-member group to send notes to yourself. On Signal, the feature is available natively and you can jot down your thoughts and ideas while messaging with your friends and family.
Apart from that, Signal allows you to relay voice calls to its servers so your identity remains concealed from your contacts. The feature is somewhat similar to what a VPN does. Signal also offers a built-in option to hide your IP address. Further, you can enable incognito keyboard while typing on Signal, apply dark mode, delete old messages in one stroke, and of course, blur faces and private information from images using its powerful photo editor.
There are also emojis and some privacy stickers, but they are very limited in comparison to WhatsApp and Telegram. All in all, Signal has some of the best privacy features but might fall short for users who want endless customization options.
Ownership is important because it allows us to understand how companies are looking to monetize user data and lets you take an informed decision.
WhatsApp is owned by Facebook, and while for quite some time the company had managed to keep WhatsApp at least a little bit less intrusive into your personal life as compared to its eponymous social media platform, that’s changing now.
That’s not all, throughout WhatsApp’s lifetime under Facebook, there have been multiple allegations around the company breaking encryption and creating backdoors for government agencies.
There are also reports about ads on WhatsApp becoming a reality sooner rather than later. That gives Facebook even more incentive to monetize your WhatsApp data. Plus, since WhatsApp doesn’t encrypt metadata, Facebook can readily use that to track your behavior.
Facebook proofed previously their sheer incompetency (or unwillingness) to protect user data or give any sort of privacy protections. That’s something we have witnessed in a lot of detail since the Cambridge Analytica scandal.
Coming to Telegram, it was launched in 2013 by Nikolai Durov and his younger brother, Pavel Durov. Both are from Russia and are currently on a self-imposed exile. Pavel Durov was dismissed as CEO of a Russian social-media site after he refused to hand over data of Ukrainian protesters to Russia’s security agencies.
Apart from that, on many occasions, Pavel Durov has taken a principled position against censorship and government interference. Looking at the history that geared the development of Telegram, it does inspire trust. However, the closed-source encryption protocol and optional E2E support leave the room for more transparency and improvement.
Signal is owned by the nonprofit Signal Foundation which is run by cryptographer Moxie Marlinspike and Brian Acton. Moxie Marlinspike used to run Open Whisper Systems — the brainchild behind the Signal protocol. After he met Brian Acton in 2018, they formed a new alliance called Signal Foundation. It now wholly funds the development of Signal messenger. It’s noteworthy that Brian Acton was the co-founder of WhatsApp. However, he left the company 3 years after Facebook acquired it.
Now, he oversees the development of Signal along with Moxie Marlinspike. Many high-flying people including Edward Snowden, the American whistleblower; Jack Dorsey, the CEO of Twitter, and others endorse Signal. In addition, Signal has received top scores on the EFF’s Secure Messaging Scorecard making it the most secure messaging platform.
Signal is run by donations and grants.
The Verdict: WhatsApp vs Telegram vs Signal
On the other hand, Telegram messenger may not be the best in terms of security. However, it offers a lot of features that are enough to make any group admin drool. Plus you do get end-to-end encryption on Telegram, albeit restricted to secret chats.
To sum everything up, we suggest going with Telegram if you want more features than the average messenger. You can consider Signal if you’re looking for the essential messaging and calling features along with a high-standard of security. However, WhatsApp is looking more dicey than ever now with the new policy update.
The group used an in-app message sent to users this week, in which WhatsApp said that the changes will include:
Updates to WhatsApp’s service and how it processes your data;
How businesses can use Facebook hosted services to store and manage their WhatsApp chats;
How WhatsApp will partner with Facebook to offer integrations across Facebook Company products.
WhatsApp said that these changes will officially come into effect from 8 February, 2021. After this date, any user who has not agreed to the new terms will no longer be able to use the messaging service.
ArsTechnica reports that some of the data that WhatsApp collects includes:
User phone numbers;
Other people’s phone numbers stored in address books;
Status message including when a user was last online;
Diagnostic data collected from app logs.
Under the new terms, Facebook reserves the right to share collected data with its family of companies.
In 2014 Facebook acquired WhatsApp for $19 billion. The company was founded by Jan Koum and Brian Acton who had previously spent 20 years combined at Yahoo.
More than two billion people in over 180 countries use WhatsApp, which is currently available as a free download.
Parliament recently passed the Cybercrimes Bill, which includes a bevvy of new laws around the sending of messages and electronic communications in South Africa. The bill was passed by Parliament on 2 December and now only awaits the President’s signature to take effect.
These new laws were first drafted in 2017, and they have since undergone a number of changes. Among other objectives, the bill aims to criminalise the distribution of data messages which are harmful and to crack down on cybercrime in South Africa.
The bill also imposes obligations on electronic communications service providers and financial institutions to assist in the investigation of cybercrimes.
It includes clear restrictions on the sending of messages which could be seen as harmful, such as the disclosure of intimate images without the subject’s consent, or the sending of threats and incitement to violence.
Sending of intimate images and threats
The Cybercrimes bill states that any person who discloses a data message to a single person, group of persons, or the public with the intention to incite damage or violence is guilty of an offence. This could include Facebook and Twitter posts and messages, as well as private WhatsApp messages sent within a group or an individual chat.
The same is true of messages which threaten violence towards a single person, group of people, or their property.
This section includes a reasonable person test, which states that a message will be considered malicious if a reasonable person would perceive the data message as a threat.
The bill also specifically addresses the sending of intimate images over any electronic communications platform without the subject’s consent, classifying this as an offence. This is true if the person is identified as being displayed in the image, if they are described as being displayed in the image but cannot be identified, and if they are identified from other information as being displayed in the image.
An “intimate image” is defined as the depiction of a person (real or simulated) in which they are nude, their genital organs or anal region are exposed, or if they are a female person, transgender person or intersex person, their breasts are displayed. The definition also extends to images in which the covered regions listed above are exposed in the image.
What it means for South Africans
The wording of the new bill means that even if you are not the creator of an intimate image or video sent without the subject’s consent, you are committing an offence if you forward it.
This regulation also applies to photoshopped images and deepfakes, as well as pictures or videos which do not show the subject’s face but in which their identity is described.
The same is true of threats to people and property sent over WhatsApp, social media, email, or any other electronic communication.
Therefore, if you receive an intimate image, video, or similar media over WhatsApp, or any other platform, and forward it to others without the consent of the person identified in the media, you will be guilty of an offence.
This is true whether you created the image or not, and whether or not you know the person identified in the image or video.
Forwarding a message which contains a reasonable threat to people or their property is also an offence under the bill, regardless of the source of the message.
“Forwarding is not an excuse anymore,” Goldstuck said.
“Any communication that contains threats, whether to people or to property, or intimate images of another person can be seen as committing a crime if you send it.”
When it comes to laying a charge for an offence under the new bill, he said affected parties will be able to present screenshots, image files, messaging records, and more as evidence that an offence has been committed.
The bill also attempts to place obligations on Internet service providers and related parties to assist in the investigation of cybercrimes, including those detailed above.
The Indian Computer Emergency Response Team (CERT-In) warns Apple users of a glitch in the iPhone iOS. The vulnerability may expose WhatsApp users to cyberattacks.
“A new version of WhatsApp and WhatsApp Business for iOS was released to fix vulnerabilities that could allow the execution of malicious code, memory corruption and crashes”.
ATTACK VIA ANIMATED STICKERS
CERT-In warned that the vulnerability “was found in the logging library in WhatsApp and WhatsApp Business for iOS, due to what is called a ‘use-after-free’ error”.
A cyber attacker could cause havoc by sending a “specially crafted animated sticker” to the target while placing a WhatsApp video call on hold. That would result in several events occurring together in sequence.
Moreover, CERT-In adds that the attack could result in “memory corruption, denial of service conditions or execution of remote code”.
CERT-In also warned of another vulnerability which could “could permit Siri to interact with WhatsApp even after the phone was locked”. According to IANS (India’s Largest Independent News Service):
“An attacker could exploit this vulnerability by using the Siri virtual assistant to communicate even after the phone is locked, said the note last week which carried a ‘high’ severity rating”.
CERT-In suggests updating WhatsApp regularly and to ensure your device is running on the latest software version. App developers implement bug fixes whenever they detect vulnerabilities such as these.
That said, the responsibility rests with us as users to update our apps. A WhatsApp spokesperson previously explained to Forbes that the team is “constantly working to improve security” of their services:
“We make public reports on potential issues we have fixed consistently with industry best practices. In this instance, there is no reason to believe users are impacted.”
HOW TO UPDATE ON IPHONE, IPAD, OR IPOD TOUCH
WhatsApp can updated directly from the Apple App Store. If your iOS software is outdated, it won’t do any harm to update that as well.
Plug your device into power and connect to the Internet with WiFi.
Go to Settings, then General, then tap Software Update.
Tap Download and Install.
To update immediately after download, tap Install.
You might need to enter your passcode to proceed.
There are several other ways to secure your WhatsApp account, including end-to-end user encryption, and knowing how to identify a suspicious link.
Lastly, trusted WhatsApp beta tester, WA Beta Info, confirms that WA developers are fine-tuning a new “biometric lock” for Android devices. This will further ensure your privacy and safety.
The Biometric Lock feature will, when enabled, require our fingerprint, face or “other unique identifiers” to open the Facebook-owned messaging app. The new feature will be replacing the current “Fingerprint Lock”.