Skip to main content

Merging privacy ...

Facebook vs. Whatsapp

The acquisition of WhatsApp by Facebook has raised a number of interesting privacy debates, with the latest being a legal challenge to the deal on the grounds that WhatsApp's existing user privacy agreement will be violated if Facebook starts using the data to deliver targeted advertising.  It raises the question of whether the difference in the privacy agreements between WhatsApp and Facebook was part of the analysis when the acquisition was planned.

Questions that could (arguably should) have been part of the decision to value WhatsApp at ~£11bn (~US$16bn) include:
  • if isolating WhatsApp from Facebook (as proposed in the above article) would limit the possibility of creating new revenue streams (e.g., through advertising), from WhatsApp users?
  • would users leave WhatsApp in droves if Facebook changed the privacy policy to allows user data to be used for advertising?
  • whether hardly any users will care about the potential use of personal information for advertising so changing the privacy policy? 
Other articles about the merger suggest that Facebook really didn't have any idea about the user base of WhatsApp and therefore there was no possibility of thinking through the privacy implications of the merger.  Nevertheless it would be interesting to model the respective privacy policies of the two companies using an approach like our Privacy Arguments framework and see what mitigations needs to be put in place to enable the policies to be merged.

My own prediction for what will happen in practice is that Facebook will extend the functionality of its own Messenger application to close the feature gap with WhatsApp and try and encourage WhatsApp users to switch.  However, if they proceed to try and change the privacy policy of WhatsApp after the acquisition is complete, I hope they will allow users to delete all their data and leave!
Post a Comment

Popular posts from this blog

Visual programming for 'wiring' the Internet of Things

There is a proliferation of devices being developed to form the building blocks of the Internet of Things (IoT), from Internet-connected power sockets and light bulbs to kettles, toasters and washing machines. However, to realise the full potential of the IoT, it will be necessary to allow these devices to interconnect and share data with each other to deliver the functionalities required by end-users. In recent research on end-user programming for the IoT, my colleagues Pierre Akiki, Yijun Yu and myself have proposed the notion of Visual Simple Transformations (ViSiT), that provides a visual programming paradigm for users to wire together IoT devices. The video above shows a demonstration of the ViSiT solution and full details of the approach will appear in an upcoming special issue of the ACM Transactions on Computer-Human Interaction (ToCHI).

This work is highlighted in a recent IEEE Software Blog: Empowering Users to Build IoT Software with a Puzzle-like Environment and full deta…

Privacy-by-Design Framework for Internet of Things Systems

IOT-2016 7-9 September, 2016, Stuttgart, Germany from Charith Perera
Recent DDoS attacks on key internet services, like the attack that affected the Dyn domain name service, highlighted the security challenges associated with the proliferation of insecure Internet of Things (IoT) systems.  This attack exploited common vulnerabilities like the use of default administration passwords on IoT devices such as internet-enabled CCTV cameras, internet-enabled appliances and smart home devices, to recruit over hundreds of thousands of nodes into a botnet.   This capability highlights the cyber security threats associated with the IoT and brings into sharp relief the importance of considering both security and privacy when designing these systems.

In recent work, presented at the Internet of Things Conference, we describe a privacy-by-design framework for assessing the privacy capabilities of IoT applications and platforms.  Building on more general design strategies for privacy in informaiton …

Privacy Itch and Scratch

Ubiquitous computing technologies are being used to collect, process and share increasing amounts of personal information, from our location and physical activity levels to the things we buy and the web pages we read.  Although these developments have created a wealth of new applications that engage and entertain us, they also pose significant challenges for our privacy - particularly the challenge of maintaining awareness and control over our personal information flows as we go about our daily lives.

My colleagues, Vikram Mehta, Blaine Price and Bashar Nuseibeh, and I have been exploring new interaction metaphors for enhancing our privacy awareness and control.  Our earlier work in this area used haptic interactions through the users' smartphone to enable privacy controls to be configured by physically shaking and moving the device (PrivacyShake).   More recently we have been exploring the role of on-body interfaces to achieve more subtle and non-intrusive mechanisms for privacy …