WhatsApp has landed in a privacy storm once again. An app reverse-engineer tweeted Friday that the invitation links for about 470,000 of its group chats had been indexed by Google. This meant a search could pop them to public view, together with the names and numbers of their participants. Both Google and WhatsApp’s owner Facebook Inc seemed to shrug off the implications to people’s need for online confidentiality. Google said group chat links put up on websites open to all would be caught by its search engine because that’s what it’s designed to do, while WhatsApp advised users to share links only through private means to avoid that fate.
The message is that group chats that get exposed have only the carelessness of their own members to blame. Yet, a social media platform that claims to care for its users’ privacy—and WhatsApp makes a big deal of its end-to-end encryption—cannot afford to be so cavalier about this. Most users are clueless about how the internet actually works and what exactly is at risk of exposure and what is not. It is for WhatsApp to caution users against inadvertent actions that could result in a loss of privacy. That it did no such thing counts as a failure on its part.
Perhaps aware that onlookers were appalled, WhatsApp appeared to embark on a rearguard exercise on Saturday to reassure its users. Yet, as
l’affaire Pegasus showed a few months ago, that’s no easy task anymore. Calls to shift to Telegram or Signal, its rival platforms, have seen another spike.