WhatsApp Hired 1000 Employees to Spy on Private Messages

A few days back, an investigation was revealed by portal ProPublica who exposed a controversial strategy involving two of the most used applications: Facebook and WhatsApp messaging. Security policies of both of these apps ensure that their employees do not read the messages of their users.

According to ProPublica Portal, investigations have revealed that WhatsApp and its parent company, Facebook, has hired more than 1000 employees that peek through “thousands of private messages, videos, and images” of their users, which are shifted between the users using the WhatsApp messaging app [1].

As per the ProPublica report, Facebook has hired more than 1000 staff to spy on millions of chats, and voice messages that are sent using this particular messaging app, WhatsApp. These workers are hired on an hourly basis and are asked to use special Facebook software that assists those staff members to invade through or scrutinize the long stream of personal and private messages of an individual including videos and images which is reported to be an improper action by millions of the app users [2]. Not only do the staff members keep a check on the personal messages but also report them to the government officials and agencies through artificial intelligence systems.

It is claimed by both Facebook and WhatsApp that messages and private chats are screened and flagged when the conversation seems to be doubtful or having inappropriate content [3]. The companies further added that they do not intrude upon the personal voice calls and all other messages which seem appropriate are not handed over to the government agencies or companies and are kept encrypted one-to-one.

All such actions of invading through personal messages contrast with the WhatsApp privacy policy that emphasizes that messages among the users cannot be decrypted by any means, neither by the company itself nor by any outsider, and the messages are encrypted end-to-end [4].

However, as per the recent report published by ProPublica based on interviews with the moderators and internal documents, it seems that WhatsApp company is acting opposite to what it has previously said regarding the messages encryption or privacy and security.

It has been revealed that,

WhatsApp has more than 1,000 contract workers, filling the floors of office buildings in Austin, Texas, Dublin, and Singapore. […] They make judgments about anything that appears on your screen, claims of everything from fraud or spam to child pornography and possible terrorist conspiracies, usually in less than a minute

Not only this, but it has also been revealed that the hired workers or moderators are not directly linked to or employed in Facebook or WhatsApp companies, but are hired on an hourly contract basis, for instance, they are given 16.50 USD per hour basis, and they are asked to keep silent for what they do (spying), under the nondisclosure contracts.

The Content That is Observed by WhatsApp

As per the investigation report, the content that makes the hourly-based contractors attentive are the messages which are reported by the users or are flagged by the AI (artificial intelligence) tool. In this manner, when any of the users press the “report” tab, the message in question along with the four previous messages in the respective chats is then decrypted and are sent for review by one of the moderators.

Those messages which are opted by the AI are then scrutinized based on unencrypted information (or data) which is gathered by WhatsApp, for instance, user name and its profile picture, data about different WhatsApp groups and the profile picture of these groups, phone numbers of the users, statuses and messages, Time zones, language and battery level of the mobile phone, IP address as well as the Unique ID of the phone, furthermore, phone operating system, and wireless signal strength, along with it a list of user’s electronic gadgets, as well as any other linked/related social media accounts like Instagram and Facebook, the last time when these applications of accounts were used, and any history of violation before.

It has also appeared that sometimes, the posts which are reviewed by the moderators were mistakenly flagged. WhatsApp has approximately 2 Billion users that speak more than hundreds of languages, and the company’s workers have to completely depend upon the translation tool presented by Facebook to scrutinize or examine the flagged messages. As per one of the contractors, “Translation tool is one of the horrible tools do decode the political content as well as the local jargon”.

It has also been revealed in an investigation report that “WhatsApp not only does spy on the private and personal messages of its users but also share some of the data with the law enforcement agencies and government, for instance, US Department of Justice”. Taking out an example from this, ProPublica reported that the information acquired through the WhatsApp users could assist the prosecutors to create a case against the former employee of the Treasury Department, named, Natalie Edwards. The employee allegedly leaked and shared the confidential and private bank documents and reports on the apprehensive transactions to a provide News agency.

In addition to the above, there are few occasions, where government agencies were alleged, particularly in political scenarios, to make use of the spyware on some of the targeted phones for the decrypted texts and messages. One such example is from 2019, where various WhatsApp accounts were spied on by an Israel-based cyber technological firm known as NSO using surveillance software “Pegasus”. In another example, Ex-CEO of Amazon, Jeff Bezos, found his mobile phone hacked in the year 2018 when he received WhatsApp messages that were supposedly sent by the Prince of Saudi Arabia.

Considering the IT Act and Telegraph Act, law enforcement agencies can keep an eye on and monitor the individual’s mobile devices as well as internet calls. Nevertheless, as calls and chats via WhatsApp remain encrypted end-to-end, they might not be intercepted while transmission, unlike regular mobile device communications [5].

However, this does not refrain the law enforcement agencies or the attackers from reading the individual’s chats or conversations by making use of spyware to breach the handset. The spyware covertly targets the vulnerability/ susceptibility within the WhatsApp VoIP stack, that is used to form video and audio calls [6]. All that is required by the spyware to be deployed or installed within the mobile phone device is a missed voice or video call to the victim or target via WhatsApp. It then invades through WhatsApp messages, conversations, settings including passwords, and contacts and also voice calls that have been made using that targeted device from a particular application such as WhatsApp. Not only this, but it also gives the attacker access to the target device’s camera, GPS for tracking the live location as well as the microphone.

Respond from WhatsApp About Spying

WhatsApp Communication Director named, Carl Woog has acknowledged that messages are reviewed by the contractors just to “identify and eliminate the worst abusers”. He also added, “WhatsApp is a lifesaver for millions of people around the world. The decisions we make, about how we create our application, focus on the privacy of our users, maintaining a high degree of reliability and preventing abuse.” [1]

References

[1] “What about privacy? WhatsApp has 1000 employees who read private messages from users!,” Today in 24 English, Sep. 10, 2021. https://today.in-24.com/News/358858.html (accessed Sep. 17, 2021).

[2] R. Reyes, “Facebook hired more than 1,000 workers to ‘filter content’ on WhatsApp,” Mail Online, Sep. 07, 2021. https://www.dailymail.co.uk/news/article-9966435/Facebook-hired-1-000-workers-examine-millions-pieces-content-WhatsApp.html (accessed Sep. 12, 2021).

[3] P. E. Silverman Jack Gillum,Craig, “How Facebook Undermines Privacy Protections for Its 2 Billion WhatsApp Users,” ProPublica. https://www.propublica.org/article/how-facebook-undermines-privacy-protections-for-its-2-billion-whatsapp-users?token=OmGxR41jg74Wy-Z2_wutxaMzoUn6o6Jn (accessed Sep. 12, 2021).

[4] “Facebook hired more than 1,000 workers to ‘look up millions of content’ on WhatsApp,” Eminetra.co.uk, Sep. 07, 2021. https://eminetra.co.uk/facebook-hired-more-than-1000-workers-to-look-up-millions-of-content-on-whatsapp/687596/ (accessed Sep. 17, 2021).

[5] K. D. N. D. October 3, 2020 ISSUE DATE: October 12, 2020UPDATED: October 3, and 2020 12:52 Ist, “How private are your WhatsApp chats?,” India Today. https://www.indiatoday.in/magazine/cover-story/story/20201012-how-private-are-your-whatsapp-chats-1727605-2020-10-03 (accessed Sep. 11, 2021).

[6] “Fact check: Is the govt spying on your WhatsApp messages? PIB clears it out,” HT Tech, Apr. 07, 2020. https://tech.hindustantimes.com/tech/news/fact-check-is-the-govt-spying-on-your-whatsapp-messages-pib-clears-it-out-story-CSIW4ABVi4As5qiitgQCrK.html (accessed Sep. 11, 2021).