WhatsApp have spent the last month putting out self-inflicted fires. After a disastrous announcement of changes to their terms of service, the company have been scrambling to convince users to stick with the app. However, even with delayed implementation of the new terms of services, and hundreds of reassurances, their PR nightmare has prompted many organisations to take a closer look at their use of the messaging app.
The Story of WhatsApp
WhatsApp have marketed themselves as a safe and secure messaging app from the start in 2009, emphasising their end-to-end encryption, the minimal amounts of data they collect, and the fact that they don’t share that data with anyone. However, Facebook acquired WhatsApp in 2014, much to the chagrin of privacy activists. Many feared it was the start of a slippery slope, leading to abuse of user data. To allay fears, executives reassured users that WhatsApp would operate separately, and data would not be shared with Facebook.
Fast-forward now to the beginning of this year. Upon opening the app, users found a notification that WhatsApp’s privacy policy and terms of service were changing. It seemed they were going against their promises and intended to share user information with Facebook. For users in the EU and the UK, there was additional confusion. It wasn’t clear what changes would be applicable to those under the GDPR. There was chaos, there was confusion, and there was a lot of hopping to new messaging platforms.
Ultimately, WhatsApp cut their losses and delayed implementation to May, in order to re-evaluate their plans. Even so, it’s left a sour taste in everyone’s mouth, and that might not be a bad thing. It’s hard to deny the ease of using WhatsApp, but is it really appropriate for professional use?
Messaging Apps and Privacy Problems
Are you part of an employee WhatsApp group? Many people would answer that question with a yes. In a study from 2019, it was found that 53% of global frontline workers check messaging apps up to six times daily, for work related issues. Over half of respondents were using personal messaging apps like WhatsApp for professional correspondence. There are plenty of issues with this, as you can see below:
- The first issue is that business use actually goes against the WhatsApp terms of service. The terms of service prohibit any “non-personal use of our Services unless otherwise authorized by us.” Violating these terms could lead to suspension or deletion of your account, but there are additional data protection issues with the app. When you create a WhatsApp account, you add your list of contacts to the app, meaning you upload the data of other individuals without their consent. When using WhatsApp personally, this is less of a problem, but if you use WhatsApp for business purposes, any processing of personal data falls under the GDPR.
- Individuals can also be added to a WhatsApp group without giving consent. Once added, anyone else in the group can see their contact information, any information held within their bio, and when they were last active. Unless you have provided every member of staff with a work mobile, employees will be using their personal numbers to create WhatsApp accounts. Create an “All Staff WhatsApp Group” and you’ve just handed out the personal contact numbers for all your employees. While you may think you know your staff well, you can’t be sure there aren’t underlying tensions or conflicts, that could escalate should one of your members of staff be able to contact another outside of work hours. Ultimately, it’s not why you originally collected that data, and it’s not how it should be used.
- It’s not a sensible place to discuss school or college related matters. It’s not unusual to hear someone groaning because their phone has deleted all their chat history. Nor is it unusual to hear someone left their phone in a taxi at the weekend. Should something happen to your phone or your WhatsApp account, you could be dealing with a breach of accessibility. Conversely, when you work with personal data, you need to to delete it after the appropriate time; a rather complicated venture when it’s sitting on hundreds of mobile devices.
- Finally, discussing work on a personal device always increases the risk of a breach of confidentiality. In the 2019 study, 30% of respondents found that the 24/7 nature of messaging apps made it hard to maintain a work/personal life balance. Answering work queries late at night, or in the middle of personal time, can lead to sending information to the incorrect group. Indeed, 12% of respondents said they worried about a serious data breach via a messaging app.
Using Messaging Apps for Work
These are just a few of the complications that can arise from using messaging apps like WhatsApp. They are easy to use, but not designed for business communication. Is it time to retire the faithful green speech bubble? For business communication, it’s certainly worth considering. Finding an alternative can be difficult, but there are business messaging apps out there.
However, it’s best to take a moment and assess whether a new messaging app would be the best step forward. They’re hard to regulate and it’s difficult to ensure people only see information they need to see. With staff in many schools and colleges taking on multiple roles, messaging groups can get quite messy. Add on that many of these groups operate under the noses of HR, and you get a breeding ground for breaches.
Trackbacks & Pingbacks
[…] occurrence in lockdown has been the use of personal mobiles for business related tasks. We’ve talked previously about some of the dangers of this, but for many, it has seemed like the only choice to keep […]
Comments are closed.