Instant Anonymity: Are Ephemeral Apps Really Safe?
Personal privacy is a right that every person is entitled to. Naturally, online users are more inclined to want better privacy amidst all the recent reports on data breaches, ransomware attacks, and nationwide surveillance. When you hear about hackers stealing personal emails or photos left and right, wouldn’t it bother you?
For some, the answer to maintaining online privacy and anonymity take on a promising form with ephemeral apps. These are online services that ensure that messages, images, or voice calls vanish, get encrypted, or self-destruct after consumption. Creating and using ephemeral apps are so popular these days that one of the most popular of these apps, the self-destructing photo app Snapchat, counts more than 100 million users monthly.
Relying on a service that promises to get rid of information you don’t want everyone to know is a risky proposition. Despite their popularity and the privacy features that they promote, using ephemeral apps still has its downsides.
Risks of Using Anonymous Apps
The risk you take when you trust these apps with your sensitive data or information is that you can't really be sure of complete privacy, or that private data is actually going to stay private. Recently, the secret-sharing app Whisper went under fire when a news outlet reported about its involvement in monitoring user location, even after users specifically opted out of the tracking feature. This is a serious concern, since the idea behind "whispers", or photos with short statements superimposed on them, is to air or vent out messages anonymously after all.
Reports indicate that the app uses an in-house mapping tool to pinpoint where messages are sent from, even for those who turned off their geolocation services. Apart from the location, the app was also said to store the precise time when messages are sent for an indefinite period, the use and length of which can be as vague as its promised “brief period of time” of data retention.
Whisper reportedly changed its terms and conditions to expand to its existing data-sharing practices, as follows:
- The app shares targeted information on smartphones used from US military bases and compounds to aid in a research into suicides.
- It passes data from the US to sites overseas to watch for inappropriate behavior in a process described as “extremely secure.”
- It also shares user information to the FBI and the British security service MI5 with a lower legal threshold requirement compared to other tech companies.
“Whisper does not collect nor store any personally identifiable information (PII) from users, and is anonymous,” responds Whisper editor Neetzan Zimmerman in a statement decrying most these concerns as false. He added that the data gathered for opt-in users are obscured to 500 meters of their actual location and that the app moderators do not have access to personally identifiable information.
Unfortunately, we can’t say the same for a number of Snapchat users. Up to 200,000 images stolen from a third-party client app’s 13GB library were hacked and released online. Given that half of the app’s users are teens between 13 to 17 years old, most of the snaps that were made public are believed to include child pornography.
Despite these incidents, the demand for anonymity remains steadfast.
The most popular social network, Facebook, has recently dipped its feet into privacy chatrooms with the creation of “Rooms.” Bringing back the popular chatrooms of years past, this app lets people create spaces for discussion with a specific set of rules.
In its announcement, Facebook stressed that Rooms is a place where users are allowed to create different identities for different topics, saying, “It doesn’t matter where you live, what you look like or how old you are – all of us are the same size and shape online.”
Meanwhile, the social media site appeared to ramp up in its effort to promote privacy by offering Facebook access via the Tor network. Tor is one of many existing deep web networks known as places in the Internet that are hard for search engines to index.
The problem with the promise of instant anonymity? It's the feeling of complacency that people feel when they are made to believe that their information is safe or hidden.
The Issue with Instant Anonymity
It’s easy to see why ephemeral apps sell like miracle drugs to a very sick public consciousness. These days, it appears as though the cancer of data intrusion has spread across every online service, the thought of anonymity becomes very liberating.
Plus, these services are usually free. Download, register, and use as you will. Anonymity in a box. And yet, the cancer spreads. Ephemeral apps are just painkillers that don’t solve the bigger issue of online privacy. Your secrets are still out there. The problem with the promise of instant anonymity? It's the feeling of complacency that people feel when they are made to believe that they're safe, and that their information is hidden. When people start to believe that the data they shared will be gone or will remain hidden forever, who cares about secure passwords or a patched device?
Truth is: Anonymity is not that simple or easy, especially not on the internet.
What Can You Do?
Not everything we see and read online is real. Keep the following points in mind when dealing with personal data and privacy:
- Encrypt. Entrust your most sensitive data only to services that safely stores and encrypts information.
- Anticipate public access. Be wary of what you share to services that store information in public servers. Ask yourself, “Do I want others to see or read this?”
- Keep things private. Opt-out of default app settings that ask for too much information. Regularly delete cookies and consider private browsing.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: Trigona
- Steering Clear of Security Blind Spots: What SOCs Need to Know
- Understanding the Kubernetes Security Triad: Image Scanning, Admission Controllers, and Runtime Security
- Preempting Threats to Connected Cars: The Importance of Cybersecurity in a Data-Driven Automotive Ecosystem
- Your Stolen Data for Sale