Configuring privacy settings in mainstream applications (e.g. WhatsApp)

That’s one huuuge thing that the privacy community misses.

I’ve been largely unsuccessful in convincing people to migrate to Signal or whatever, but I at least tell everyone to encrypt their backups, and the conversion rate is much better.

I think it deserves a mention on the site, wherever they find fit. Because very few people can completely ditch mainstream messengers, so we have to do the best we can with them.

1 Like

I’m interpreting this comment to mean that you think we should cover configuring privacy-related settings in applications like WhatsApp as part of our guides, so I’m moving your post to a new discussion here. I’ll post my answer in a minute.

I would consider this to be out of scope for the site, personally. At this point I simply do not see the value in educating people on how to use non-private services like WhatsApp “privately,” when such a task is in fact not truly possible. I consider placing trust in supposed security layers like WhatsApp’s end-to-end encryption actively harmful in the sense that it creates a false sense of security for its users (as evidenced by the number of people who recommend WhatsApp over alternative messengers due to this feature).

When companies like Meta add (typically half-baked) features like end-to-end encryption and encrypted backups while simultaneously ignoring protection of critical details like metadata, and add built-in features which defeat security benefits like E2EE anyways, they are attempting to create an illusion of privacy and security as a marketing point, and when those security features are not on by default (e.g. encrypted backups) they are attempting to worsen the public perception of security features, so that people give up and accept whatever Meta wants them to do.

Nobody wants to complete a personal privacy audit on every single website they visit. This is an exercise in choice architecture, designed to make you take the easy route out instead of delving into a maze of configuration options that don’t need to exist in the first place.

Control over your privacy inside most apps is an illusion. It’s a shiny dashboard with all sorts of choices you can make about your data, but rarely the choices you’re looking for, like “only use my data to help me.” This type of control is meant to make you feel guilty about your choices, that you “had the choice” to make the apps you use more private, and you chose not to.


The only exception to this is when we can recommend layering a user-controlled, private solution on top of a non-private platform, for example: using Cryptomator with Google Drive.


So anyways, I’m gonna tentatively mark this suggestion as rejected, but we’re open to further discussion here too if you/anyone disagrees.

6 Likes

I agree it’s absolutely unfit for a recommendation.

But there’s also the “knowledge base” section, where there is a lot of effort into making the best of privacy-invasive products/services that people can’t do without. I’ll jump over iOS and macOS and go straight to that tentative Windows guide that, if I’m not mistaken, wasn’t actually rejected, just didn’t move forward.

My proposal seems very in line with what we find in the KB.

From:

We have:

Encrypted iMessage
The color of the message bubble in the Messages app indicates whether your messages are E2EE or not. A blue bubble indicates that you’re using iMessage with E2EE, while a green bubble indicates they’re using the outdated SMS and MMS protocols. Currently, the only way to get E2EE in Messages is for both parties to be using iMessage on Apple devices.

If either you or your messaging partner have iCloud Backup enabled without Advanced Data Protection, the encryption key will be stored on Apple’s servers, meaning they can access your messages. Additionally, iMessage’s key exchange is not as secure as alternative implementations, like Signal (which allows you to view the recipient’s key and verify by QR code), so it shouldn’t be relied on for particularly sensitive communications.

That’s two paragraphs to explain how to get iMessage “hardened” to WhatsApp’s level of badness, where Apple has only the metadata and all the rest is just poorly encrypted. Because some people can’t get rid of iMessage, just like people in other countries can’t do without WhatsApp.

3 Likes

“I took care of my privacy like it said in PrivacyGuides for WhatsApp (et al) but I don’t know why it didn’t work and the bad people still got to me”.

We really don’t want people to go after the PG site for “bad” recommendations, and I would agree to a sort of addendum to the site saying that it is sort of useless to make any other app more private/secure when the app implements it in a bad-faith sort of way.


I was thinking of sending messages in PGP on top of WhatsApp, but it’s such a bother to do so manually (through copy-paste), and if the recipient of the message won’t even accept the low friction of adoption that Signal has, I doubt the idea of sending PGP-encrypted messages will be equally palatable.

1 Like

That’s an interesting point regarding iMessage I’ll think about…

Something I will say though is that we wrote the macOS and iOS guides (and are writing the Windows guide) because operating systems are challenging to replace, and in some cases impossible even on a technical level, if you already own an iPhone that’s going to help you.

Additionally, when it comes to operating systems they’re something we consider basically the least important thing to “swap out” when it comes to improving your privacy stature:

On the other hand, there are no technical challenges to swapping out applications in most cases, which is why so much of our focus is on swapping out applications and cloud providers, rather than “making the best of” the apps/providers you already use.

There are social challenges like you say though, certainly. Improving privacy overall is inherently a social challenge though, so…

  • When it comes to social challenges like getting people to swap messengers, I think that Privacy Guides should take a hard-line approach and very strongly push people down the “swap out your apps for these alternatives” path, because ultimately that would be the best-case scenario in the long-term.
  • When it comes to technical challenges like the reality that pre-existing hardware isn’t always compatible with the most private software, or that some private software isn’t feature-complete, I think that Privacy Guides can approach those situations with more grace towards the users, informing end-users on how to do the best they can within those limitations, while still encouraging people and developers to make better choices when it comes to future purchases.

This is why I currently consider operating system guides different from application guides in our knowledge base basically.

9 Likes

While I don’t in principle disagree with the stance of not guiding people into making fundamentally flawed stuff more secure, my experience is that the average person is open to suggestions to help them improve their security and privacy in the services they already use, like WhatsApp. That then sparks their interest in privacy and security in general and they may be willing to try different apps and services. In short, a lot of times it’s a journey, not an on/off switch.

2 Likes

We should recommend wrapping stuff instead.

For example, Twitter inside a sandboxed browser profile with alias info. Gmail similar.

I think that would drastically slow down this privacy invasion wave. Of course moving to Mastodon would be ideal, but you can’t really make everyone move there (not yet at least). As the “privacy-products” aren’t really that mature and… network effects.

I am currently using WhatsApp through a Matrix-WhatsApp puppeting bridge. Yeah, it isn’t really more private or secure, but if I

  1. Got different numbers for different use-cases (compartmentalization)
  2. Connected them to a Matrix client that can serve different accounts in the same UX. (XMPP/Cheogram has this)… Beeper is trying to do this, but I personally wouldn’t use Beeper as we don’t have access to the config bots (more important) or the server config.

I can have virtually the same experience I would have through WhatsApp directly. But I would be more private (albeit less secure, as there is one hop in between).

This helps me to get information from different groups which I wouldn’t have access to if I did not use WhatsApp at all. If I am not sending anything, the E2EE problem shouldn’t be a problem, for me at least.

If we poison our data with misinformation, this can serve as an antidote to that shadow profile problem your article mentioned.

Wrapping stuff is a temp. solution. A long-term solution will of course be moving everyone to Signal, and then companies will also adopt it as their communication mechanism (because of demand pull).