The Guardian exposed in a series of articles how the creators of the Whisper app track individual and group behavior.
Whisper violated their own claims made in their terms of service and privacy policy which was updated just days before the Guardian article was published, but after being asked for comment for the publication. :/
- They had tools to track and build profiles of users although claiming they would be “anonymous”
- They tracked the location of people who explicitly opted-out of geolocation
- They cooperated with the DoD, sharing infos about messages from military personnel
- They shared information with law enforcement bodies like the FBI and MI5 with a lower legal threshold than is common practice
They process data with a staff of over 100 in the Philippines although claiming to process and store all data in the US.
Update: The Guardian has since published a clarification, removing some of the previous claims. It seems like Whisper really planned to change their ToS for quite some time and doesn’t store data on non-US servers. The claims about geolocation tracking for those who’ve opted out is based on Whisper’s ability to geolocate IP addresses (which may be a quite rough estimation).