This article is from the source 'guardian' and was first published or seen
on .
It last changed over 40 days ago and won't be checked again for changes.
You might be forgiven for thinking that Whisper was an app about privacy and anonymity.
Sorry, the page you’re looking for has been removed.
You could pick up that impression from the first screen you see in its app store entry – “Anonymously share your thoughts and secrets” – or from the description urging you to download it: “If you have ever had something too intimate to share on traditional networks, simply share it on Whisper!”
This may be because of a legal objection, a rights consideration or for another reason.
The app even boasts of a community “built on trust and honesty”. Millions of people around the world trust the app enough to share their secrets, which are viewed billions of times each month.
If you would like to contact someone about the page, you could email:The readers’ editor: reader@theguardian.comUser help: userhelp@theguardian.com
Except the claims of anonymity are unravelling: not only does Whisper store what can be deeply revealing data on a large majority of its users, it offers this information to media outlets and other partners.
To continue reading, please use the links at the top of the page or visit the Guardian’s home page or search for related content.
In public, Whisper sells itself on anonymity; in private, it offers to out its users – using geolocation to show people posting from military bases, intelligence agencies and even around the White House.
For most users, Whisper picks up detailed location information from your phone: as you first use the app it explains: “Whisper uses your location to find Whispers nearby. You can turn on location services to see everything near you.”
What isn’t mentioned, unless you specifically hunt for the privacy policy, is that clicking yes to that request also allows Whisper to store your location at any time you post a secret to the site.
Location information might not initially seem too revealing – but tracked over time it is enough to identify us easily, and also disclose almost everything about our lives: a place you’re located at multiple times at midnight is likely to be your home. Posting from a military base reveals a lot about your likely occupation. Being geolocated 2ft away from someone at 3pm (the worker at the next desk?) means something very different from 3am (an amorous liaison?).
Whisper “fuzzes” its locations to avoid disclosing that much detail – to a radius of several hundred metres. But this does not prevent the risk of identifying a user: take someone who works on a military base, has a family home in rural Alabama, and visits New York now and then. The group of people who had been in all three locations at the relevant times is so tiny – likely to be just one – as to make the individual identifiable, especially to those with abilities to cross-refer against other data sets.
Many apps and websites use geolocation – it’s vital for mapping, personalisation and more. Whisper is different: its raison d’etre is encouraging people to spill secrets. By handing out such secrets, Whisper is turning private lives into marketable commodities.
The company’s eagerness to show how it can track down its users goes so far that it has, the Guardian revealed, even used details of IP addresses – which reveal rough location – to trace one of the small minority of its users who deliberately disabled location services.
This faux anonymity could have hugely damaging consequences for Whisper users, even beyond the simple fact of the service’s willingness to share them freely: if anyone took the site’s claims at face value and posted a national security secret on the site, Whisper would probably have the information needed to track down where that user had been, if the government used legal powers to demand it.
Those details could even be available to a corporation, through subpoena, trying to sue for breach of confidence or defamation. Whisper knows too much about its users to be able to protect them, even if it were so inclined.
Revelations of the huge surveillance network operated by the NSA and GCHQ rightly alarmed internet users across the world. Such intrusions into privacy were at least done by people with an earnest belief they were doing what was necessary to protect national security.
The prevailing Silicon Valley business model – which Whisper has shown it is part of – doesn’t grab and bundle data for that aim: it ultimately does it to get rich. Time and again, Valley startups collect and package user data in the pursuit of more venture capital funding, with an eye to a multibillion -dollar exit.
Secret-sharing apps are fighting a phoney war. They trade off privacy and anonymity, but collect a good deal of the same information as other online services and raise their financing in the same ways. As in the rest of the Valley, their users are actually their product rather than their customers.
A secret shared on a service that tracks and trades our location is no secret at all. We reveal ourselves not through a shout but through a Whisper.
