What Is This Page About?

In recent years, smartphone messenger apps have gained so much popularity that they will, sooner or later, replace SMS-based text messaging. The resulting privacy implications, however, have thus far been neglected. With this project, therefore, we aim to raise awareness of the various kinds of privacy-related information that can be queried using a phone number without any user authorization. We will also highlight how regularly querying a user’s online status can easily allow inferences to be drawn about their living habits. For more details, please refer to the Problem Statement and Technical Background pages.

What Are the Privacy Implications?

It is well-known that intentionally shared profile information, such as pictures and status messages, can be queried using a user's phone number without their knowledge. The fact that this also comprises system events, such as a user's current availability status, has, however, been thus far mostly overlooked. To demonstrate the reality of this threat, we monitored the online times of 1,000 randomly chosen users of the popular WhatsApp messaging application over several months. We will use anonymised usage statistics to demonstrate that large-scale monitoring of users’ online times is practically feasible, as well as showing how this collected data can allow insights into users’ daily habits. The resulting privacy implications are numerous and depend highly on the social context: excessive messaging during working hours, for example, might upset a manager, while ignoring messages could potentially jeopardize a user's romance or partnership. In conclusion, using smartphone messenger apps instead of well-known communication methods, such as SMS or email, leads to a significant loss of plausible deniability.

For more details on our collected data, please refer to the Summary Data and User Statistics pages.

How Can I Protect Myself?

Unfortunately, affected messenger services (like WhatsApp, Telegram, etc.) currently provide no option for disabling access to a user's "online" status. Even WhatsApp's newly introduced privacy controls fail to prevent online status tracking, as users still cannot opt-out of disclosing their availability to anonymous parties. For information on stopgap measures, however, please refer to the Recommendations page.

Find out how frequently and how long users spent with their popular messenger.

Random User Statistics

Explore the timeline of randomly selected WhatsApp users to get an impression of how messenger usage might invade your privacy.