The Truth About Messenger App Privacy

 

Too much talk about privacy and messenger apps is focused on the wrong thing – security.

Okay, that is a big statement to make. It is not, however, meant to devalue the importance of security. After all, security is absolutely critical and plays a significant role in protecting your private information.

However, it doesn’t matter how secure a messenger app provider makes its platform if it has privacy policies that in themselves make your private data vulnerable.

When it comes to messenger apps, the private data we are talking about is not only who you contact and when, but also what you say. That’s right, the actual words you type and the attachments you send in a message.

When all else is said and done, including applying the latest super-duper security measures, your messages and attachments still exist on a server owned by the messenger platform. If they exist, people can access them.

Sure, the security experts and officials at those organizations will say you can trust them with your information. They will also say their super-duper security measures keep your messages out of reach of anyone else.

That, though, is an awful lot of trust to give.

A Bit of Background

If you follow tech industry news, you will know that stories about the privacy of messenger apps are a regular feature. In fact, many of these stories have made it into the mainstream media. This means you will probably have come across them even if you don’t follow tech industry news.

Let’s now circle back to the point made in the first sentence of this blog – those stories focus on the wrong thing.

That is security, which essentially means encryption. In basic terms, encryption means the content of your message is scrambled so that it cannot be accessed except by the intended recipient.

Messenger platforms (all the ones currently on the app store) fall into one or two of the following categories, depending on how you adjust the app’s settings:

  • No encryption – where the content of your message is readable in transit and while it is on the messenger platform’s servers.
  • Encryption – otherwise known as encryption on the wire. This means the message is encrypted while it is in transit, however, it is not encrypted when it is stored on the messenger platform’s servers.
  • End-to-end encryption – this is often described as the ultimate option as messages are encrypted in transit and while stored on the messenger platform’s servers.

What is the common denominator in each of those options? It is the fact that messages are stored on the messenger platform’s servers.

Sure, some of them encrypt the messages. The messages exist, however, and because they exist they are at risk from hackers. They are also subject to government agencies obtaining warrants and subpoenas for their release.

In other words, they exist so they are accessible.

The Scramble for Consumer Trust

Most messenger platforms talk about encryption in the terms above, but then Google came along with its new Allo platform, and people thought we were entering a new phase of privacy protections on messenger apps. This is because Allo has an incognito mode. It generated a lot of hype when it was announced in May 2016 because Google said messages sent in incognito mode would only be stored “transiently”. That means it was planning to delete them.

Roll forward to September, however, and the policy has changed. Now Google stores all incognito mode messages until the user deletes them.

A Simple Solution – Don’t Store Messages

There are two things that messenger platforms can do to protect your privacy:

  • Use encryption while messages are in transit
  • Don’t store any messages on their servers

That means becoming pass-through messenger apps. At the moment, Pantepic is the only messenger app in the App Store that offers this level of privacy protection. Hopefully, others will follow our lead in future.