Article Lead Image

Whisper responds with answers in user tracking scandal

Whisper defends itself (again).


Taylor Hatmaker


Posted on Oct 24, 2014   Updated on May 30, 2021, 8:24 am CDT

Anonymous social messaging app Whisper has responded again to defend its practices after the Guardian published a damning report of the app’s privacy policies last week. The direct response to 10 questions directly posed by the Guardian went live on Friday night (a notoriously good time to quietly post bad news) as a PDF document rather than an official update on the company’s blog. Whisper’s editorial side previously published point-by-point responses to the Guardian’s allegations in a statement last week.

The statement, titled “Setting The Record Straight,” comes from Whisper cofounder and CEO Michael Heyward, who appears to have no intention of backing down in defense of his popular anonymous platform. Heyward asserts that the Guardian‘s controversial reporting, sourced from meetings about a potential editorial partnership between Whisper and the British newspaper, remains “highly misleading or just plain wrong,” a result of “technology-related inferences based on discussions with non-technical people.” He also mentioned that none of the Whisper staff knew they were on record. 

In the statement, Heyward condemns the very public reaction of his team’s editorial lead, former Gawker staffer Neetzan Zimmerman. “Neetzan’s reaction to the Guardian’s allegations has taken away from the substance of the issue, which is that much of the Guardian’s reporting on this issue has been highly misleading or just plain wrong,” Heyward writes. Zimmerman published a flurry of rapid-fire tweets aggressively denying the allegations after the Guardian‘s first story.

First response: The Guardian’s piece is lousy with falsehoods, and we will be debunking them all. Much more to come.

— Neetzan Zimmerman (@neetzan) October 16, 2014

Heyward goes on to dismiss ongoing claims that Whisper meaningfully tracks the location of users who actively opt out of sharing their location data to the app. He confirms that Whisper does collect IP addresses, useful for inferring a user’s location, regardless of whether a Whisper user opts in or out of location sharing. Heyward notes that IP collection is a common practice and that Whisper’s safety team uses this data in certain cases (though, notably, he confirmed that the editorial team is privy to the same IP data):

“This is confusing the practices of the safety team with the editorial team. If we receive a valid legal request, or we learn through a Whisper post of an imminent and serious threat to people’s safety, the safety team will forward the IP address (if we have it) to the appropriate legal authority. For example, if a user is soliciting minors, we will share the limited information we have with the National Center for Missing and Exploited Children.”

Whisper’s editorial team uses keywords to infer location from users who have opted out of sharing their exact geodata in addition to historical geodata “fuzzed” to 500 meters to vet Whisper accounts that do choose to share their location.

Heyward did not debunk the Guardian‘s quote from a Whisper executive that one user, a “sex-obsessed” lobbyist in D.C., was “a guy that we’ll track for the rest of his life and he’ll have no idea we’ll be watching him,” instead stating that he is “deeply troubled” by the alleged quote, “which does not reflect [Whisper’s] values.” Heyward notes that members who were present during the meetings between the newspaper and the company are now on leave as the company investigates the Guardian‘s claims.

The Guardian isn’t the only one with questions. On Oct. 22, Senate Commerce Committee Chairman Jay Rockefeller wrote a letter to Heyward asking him to clarify the ongoing murky language around the app’s privacy practices. Whether the most recent answer will suffice remains to be seen.

Illustration by Jason Reed

Share this article
*First Published: Oct 24, 2014, 10:57 pm CDT