Should we expect every messaging app to offer full privacy?

6 Comments

Earlier this week a bunch of former Skype employees launched a new app called Wire, which offers Skype-esque voice calls, messaging, and the ability to embed things like YouTube videos and SoundCloud tracks in conversations.

I, like many others, wrote a piece about the release, noting that the company’s Swiss jurisdiction is relatively privacy-friendly. Someone quickly commented, pointing out – correctly – that this is “no replacement for full, end-to-end encryption.” Fair enough, but I’ll admit my initial take on Wire put very little emphasis on security or privacy, because the company itself didn’t either.

Sure, if you scroll down a lot on Wire’s homepage you’ll see a nondescript promise that “Wire interactions are secure and we comply with European privacy laws and regulations,” but it’s not an angle that Wire even mentioned in its press release, nor in its initial blog posts.

That said, Joseph Cox at Vice Motherboard took a good look into Wire’s small print and noted that, while Wire’s FAQs said voice calls enjoy full end-to-end encryption over its networks, messages and media are only encrypted between the user and Wire’s data centers – not while at rest in those data centers.

This didn’t fit with a separate statement in Wire’s support section, which claimed that “your messages and conversation history can only be seen by you and the people in those conversations”, a statement that Wire removed after Cox flagged up the contradiction. The episode prompted some to accuse Wire of being a security snake oil vendor.

Now, if Wire’s claim about the privacy of conversations had been more prominent and not simultaneously debunked by the company itself, it would look an awful lot like a lie. The company should also be much clearer on its homepage about what it means by “secure”: that is to say, pretty secure against hackers, but not hiding personal data from the company itself and its various commercial arrangements.

However — and perhaps I’m feeling overly generous in the run-up to the holiday season — I think we need to look at what Wire actually is and consider the tradeoffs it’s making, before calling it a dud.

As a messaging service, Wire appears to be a very different beast from, say, WhatsApp, which is comparatively streamlined. Billed as a “communications network,” if anything Wire resembles a framework for small, closed social networks – think Google+ minus the public stuff — built around messaging rather than posting.

Wire’s text communications service is not designed primarily to be a secure channel (and here we’re in the linguistic gray zone where “secure” blurs into “private”), but rather for integration with third-party services such as YouTube and SoundCloud. For that reason, I don’t find it in the least bit surprising that, while WhatsApp can offer end-to-end encryption, Wire messages aren’t encrypted in the company’s data centers.

As Wire’s privacy policy states:

Through the Service, you may be able to link to technology, software and services owned and controlled by third parties (the “Third Party Features”) such as, but not limited to Youtube and SoundCloud. You may be permitted or required to submit personal information to access Third Party Features. These Third Party Features may collect information about you when you visit them or otherwise communicate or interact with them.

Third-party services are Facebook’s excuse, too. Maybe someone will at some point succeed in marrying genuine end-to-end encryption with a complex ecosystem approach, but I’ve not seen an example yet. As Wire’s founders suggested in a recent Guardian interview, their algorithmically ordered group chat and search functionality also don’t play nicely with cryptographic keys. Will Wire even consider encrypting its users’ data at rest? “We’ve made technical design and product choices to provide Wire users with the benefits of a certain feature set and are constantly reviewing those choices with security in mind,” a spokeswoman told me by email. Let’s take that as a “no,” for now.

Another reason not to treat Wire like something it isn’t: The terms state that, if Wire gets sold, its users’ personal information could be part of the package, and that includes the contents of chat conversations. The company also hasn’t yet decided how it will make money. The spokeswoman told me that the firm is “considering a number of monetization options” that will include paid-for premium features – I can’t see any guarantee that they won’t also include more Facebook-style data mining.

Strong privacy advocates will rightly turn their noses up, but here’s the question: Should people avoid Wire? That depends entirely on the person. Apart from that errant phrase at launch (again, perhaps I’m being too generous), Wire doesn’t tout itself as the privacy enthusiast’s choice. That doesn’t mean it won’t provide value to some people, like Facebook does.

As I’ve suggested before, privacy is a sliding scale. Some people want very high levels of privacy, while others are happier giving up some of these things for various perks, such as free services, or the potential for deep integration with third parties that are more about sharing than privacy.

Sometimes a person (like me) wants more privacy from one service, and can live with less from another. Wire looks interesting from a user experience standpoint, but as with Facebook — which I do use, because people who are dear to me use it — I’d be wary of putting anything too sensitive on there.

It’s perfectly alright for different products and services to occupy different points on the privacy spectrum, as long as their users know what to expect. On that point, Wire’s launch was shaky, but not necessarily a dealbreaker. Here’s hoping the company offers a clear and consistent message about its limitations from here on.

6 Comments

Neil

Its really amazing how much people expect for free. Its also amazing how little people care amount privacy until they start to think about it. I agree with the author – almost every social messaging app out there has holes and security flaws, so either isn’t as secure as you think OR its completely ripping off everything you type and mining it for later purposes. Just admit that nothing is for free and if you want a 100% secure system you should expect to pay for it, otherwise – you are the product.

StitMe

Privacy is a right and must be preserved @stitme its preserved and Guarantted.

jjj

Everything we do online should be private.
What you are implying here is that by accepting their terms we also accept that the data will go to a a few more unknown parties that might steal it. But that’s not the case and in fact they should be liable for any data theft by the NSA or anyone else.Hmm someone should sue FB and Google for failing to secure the data, see how that goes. Maybe the theft angle is the way to go. Or maybe we have to copyright everything we say and sue the US gov for piracy.

David Meyer

That’s not quite what I’m saying. I’m saying that, with the current state of the technology, there are certain features and complexities of social apps that preclude end-to-end encryption, or full privacy – and that means being realistic about which apps can provide full privacy and which can’t.

Justin Ramirez

Check out Cisco’s Project Squared app for enterprise grade encryption and security with a user experience that doesn’t feel like an enterprise app. It’s free too: projectsquared.com

Comments are closed.