I can’t avoid WhatsApp (I tried to get my community org to move to Signal for over a year but in the end it just didn’t work). Guess it has to stay on my phone but in terms of actively using it - is the phone app or desktop app more private? Or both as bad as each other (or browser window, I suppose). Same question for Facebook and other Meta apps (which admittedly are a bit more optional).
iPhone 16 and running Brave on my Mac.
PWAs on the desktop as the best way to go about it. Brave has a built in option. Firefox has a FOSS extension you can use that works well and is actively maintained.
Can’t do anything on iOS other than locking down with whatever privacy and security settings you can enable.
And of course, use a VPN everywhere.
Edit:
You will need to always have it be active/installed on iOS to be able to use on desktop. FYI.
I am in the same situation, I made these settings in Whatsapp:
I enabled two step verification and added an alias mail.
I disabled link previews.
I activated “protect IP address on calls”.
I activated end-to-end encrypted backup.
I also avoided putting my full name. I’m waiting for Whatsapp to release the update it announced months ago that allows adding contacts without sharing phone number.
On desktop you can use PWA but you wouldn’t have the notifications feature, alternatively you can use cross-device sync with KDE Connect to compensate for this limitation, you also wouldn’t be able to make calls unless you download the app.
With Facebook I also used an alias mail and enabled two step verification, I don’t know if it can work without needing to register a cell phone number, I removed it a while ago and my account remains problem free, so at least it doesn’t seem to need a phone number for the account to work. It also lets me work using a VPN.
Don’t bother. If your contacts are like me, I have people listed as SURNAME, GIVENNAME in my phonebook.
There’s an enormous amount of info Meta has without our consent. Thanks friends.
Kinda off-topic, but what I personally liked to do (mostly for privacy but for fun as well) is when I was used to allow WA to access my contacts I gave them random names, like Crimson Mango or Galaxy Raspberry. Of course giving fake/alias names isn’t effective, since they’ll have access to the phone number anyways, which may be used to identify contacts, so it isn’t the best privacy move.
I have some problems to keep contacts private, since WA collects contacts data as well, so I’d like to make an app, maybe a shell script or an Android app (I’m not a software developer btw) to scrape contacts stored on the phone, in the app itself or other services and encrypt them, and then handle an instantaneous WA link that opens a chat for that number (since you can open a chat with someone by going to https://wa.me/{countryCode}{phoneNumber}), but the problem is that Statuses aren’t going to be available, since they require WA contacts for that.