Whisper raises volume on objections to Guardian report

Whisper raises volume on objections to Guardian report

The Guardian said on Thursday that Whisper, a social media app that aims to serve as an anonymous social network, is tracking the location of some of its users.

The Guardian also said Whisper is sharing information with the US Department of Defense gleaned from smartphones it knows are used from military bases. Whisper's Chad DePue, chief technology officer, writing in Hacker News, voiced exception to the report: "I'm the CTO of Whisper. This is really bad reporting." DePue wrote: "We want to know where a user is in a general sense for things like tracking time zone so when we send pushes we know not to send pushes at 3 in the morning. You'd be surprised how often device time zone may not always match with physical location. We use general location to determine things users may be interested in. Folks who post in lower Manhattan may see different results than people in College Station, TX, over time. We have a lot of anti-spam technology, and what IP you posted from, and what country that IP is in, is important. I can't elaborate on this but it's incredibly logical why we would use that information for things like keeping the app from filling with spammy garbage. We throw away the IP you used to create the whisper after a brief period of time."

DePue's explanation triggered a reaction in Hacker News from Moxie Marlinspike, which is a pseudonym of a computer security researcher. Marlinspike wrote. "You're attempting to justify why you're tracking your users, but you're still tracking them…how do you achieve anonymity and unlinkability while doing things like IP hiding, spam filtering, and relevance matching? The issue is that you haven't solved the problems, and are instead suggesting you should get a pass because the problems are hard. It seems simple to me: if you haven't designed something that gives you truly unlinkable anonymity, don't claim to provide it. If you have to track your users to make your app work, don't claim not to track your users."

Meanwhile, Neetzan Zimmerman, editor in chief of Whisper, said the Guardian team's report was wrong. "No exact location data is EVER stored or is accessible by @Whisper or its employees. The Guardian's suggestion to the contrary is FALSE," he tweeted. The Whisper response to The Guardian in full was carried in Scribd. Fundamentally, the statement relayed the message that The Guardian's "assumptions" that Whisper was gathering information about users and violating user's privacy were false.

"Whisper does not collect nor store any personally identifiable information (PII) from users and is anonymous. To be clear, Whisper does not collect nor store: name, physical address, phone number, email address, or any other form of PII. The privacy of our users is not violated in any of the circumstances suggested in the Guardian story."

On tracking: "We neither receive nor store geographical coordinates from users who opt out of geolocation services. User IP addresses may allow very coarse location to be determined to the city, state, or country level. Even for users who opt into geolocation services, the location information that we do store is obscured to within 500 meters of their smartphone device's actual location."

In concluding on ScribD its list of responses to the Guardian article point by point, Whisper emphasized it does not collect nor store any personally identifiable information of any sort or kind. "Lastly, as stated above, Whisper is not a place to make violent or child-endangering threats, and we will proactively notify law enforcement in order to protect our users and the public."

© 2014 Tech Xplore

Citation: Whisper raises volume on objections to Guardian report (2014, October 17) retrieved 28 March 2024 from https://techxplore.com/news/2014-10-volume-guardian.html
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Explore further

Twitter buys Android gadget security startup

156 shares

Feedback to editors