Is WhatsApp Being Ditched for Signal in Dutch Higher Education? (dub.uu.nl) 42
For weeks Signal has been one of the three most-downloaded apps in the Netherlands, according to a local news site. And now "Higher education institutions in the Netherlands have been looking for an alternative," according to DUB (an independent news site for the Utrecht University community):
Employees of the Utrecht University of Applied Sciences (HU) were recently advised to switch to Signal. Avans University of Applied Sciences has also been discussing a switch...The National Student Union is concerned about privacy. The subject was raised at last week's general meeting, as reported by chair Abdelkader Karbache, who said: "Our local unions want to switch to Signal or other open-source software."
Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'."
WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location."
WhatsApp is required by law to share this information with authorities during an investigation...
[U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms...
The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal."
The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist."
Thanks to long-time Slashdot reader united_notions for sharing the article.
Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'."
WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location."
WhatsApp is required by law to share this information with authorities during an investigation...
[U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms...
The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal."
The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist."
Thanks to long-time Slashdot reader united_notions for sharing the article.
Meta cannot be trusted (Score:5, Insightful)
Use anything from Meta and expect your privacy to be compromised, either directly or indirectly. That's why I have Meta's IP addresses blocked by my firewall.
Re: (Score:2)
Why does anything have to go through a third party? Use gpg for real end to end email encryption and setup your own chat server with proper encryption if needed if you are really concerned about privacy.
Re: (Score:3)
And chat with yourself? Communication relies on a network effect. For many people receiving a GPG encrypted email just means they will throw your relationship into the too-hard basket.
Re: (Score:2)
Because NAT killed p2p comms years ago.
Also you need some kind of account and queue management. Even mail has a 3rd party: the MTA and MDA.
Re: (Score:2)
Use anything from Meta and expect your privacy to be compromised, either directly or indirectly. That's why I have Meta's IP addresses blocked by my firewall.
Where did you come from? Personally I came from SMS messages sent analogue over open airways, and unencrypted email bouncing around who knows what servers in the world. After that we moved to digital SMS and MMS right around the time it was in vogue for the government to intercept these messages and for telephone companies to datamine them. Fast forward to 2025 and nothing's changed other than the people who have access.
Rather than asking if someone can be trusted, a better question would be: what would you
Re: (Score:3)
If someone is ONLY on Meta servers, then that's no one I feel any need to talk to. I've lost some friends when I quit Facebook, but most of those know how to get a hold of me if they really want.
Re: (Score:2)
If someone is ONLY on Meta servers, then that's no one I feel any need to talk to.
Well you do you. Personally I judge people's value based on the things that they say and the importance of the conversation based on the content.
Judging people based on an application they say something on you use makes you ... well actually a typical stuck up Slashdotter, but it's also a very stupid way to go through life.
Re: (Score:3)
Shutting your communications off from the world spying on you seems like a good way to ensure privacy.
In this era of Trump/Musk authoritarianism, it's a wise move to avoid being rounded up and sent to a Venezuelan prison.
Just crossing a border with the US has become dangerous. They can and will spy on everything that you have written.
Re: (Score:3)
What else can you expect coming from a Sociopath like Zukerberg?
Re: (Score:1)
You distrust Meta, but you blindly trust Signal, a messenger comonly used by criminals. Have fun being detained at the airport!
Re: (Score:3)
Not in free countries.
Re: (Score:2)
Signal is far from ideal though. You need to give them a working phone number to sign up, and using a burner risks losing access to your account. You are reliant on their servers and their app too, no third party or decentralized options. Signal LLC is based in the US as well, not the ideal legal jurisdiction for a company that is critical to the security of the whole Signal app and network.
There are better options, but none of them gain any significant traction. People seem to just want a "probably good en
Re: (Score:2)
Signal is far from ideal though. You need to give them a working phone number to sign up, and using a burner risks losing access to your account.
It is now possible to use unique usernames for messaging IDs instead of a telephone number which is kept private. https://signal.org/blog/phone-... [signal.org]
So you can probably also use a burner phone now too.
Re: (Score:2)
As long as Signal never leak your phone number, or give it to to some tyrannical government.
What is your threat model? (Score:2)
If the threat model includes American intelligence agencies going through all that trouble just to switch an American alternative with American servers still vulnerable to traffic analysis is a bit silly.
Still comes from the US (Score:2)
It is unfortunate that researchers have debunked the marketing materi
Re: (Score:1)
Re: (Score:2)
There's no official order anywhere this is just an advisory.
As for using WhatsApp, *EVERYONE* uses WhatsApp for *EVERYTHING* in the Netherlands. I guarantee your university has more than one way to communicate with you in Germany.
People of course exchange private numbers, but most seem to prefer Signal, Threema and other more secure messengers in STEM.
What people do in a specific field is irrelevant. Everyone still has WhatsApp in the country. It's the de facto default for communication.
Re: (Score:2)
Yes, probably 90% of the people here at the university in my German city use WhatsApp. The other 10% hate Meta and use only Signal or Telegram.
But the university will never dare to use a mobile messenger to contact you. They will send an email or a letter.
Re: (Score:2)
More correctly, Austria. The one without 'roos.
Shhhh. One of Austria's greatest achievements is that people think Hitler was German and Beethoven was Austrian rather than the other way around. Don't ruin it ;-)
Re: (Score:1)
Not a secret.
But he was irrelevant until Germany provided him with the opportunity to start WWII and kill a bunch of Jews. Austria didn't do that, Germany did.....and all the people in Germany that liked his message and elected him into power.
Re: Dutch universities use WhatsApp? (Score:2)
I donâ(TM)t know what rock you live under but WhatsApp is the defacto standard messenger for everyone I know in Germany. And I have lived here for 18 years in 3 cities.
Re: (Score:2)
Posting garbage as AC... so brave! Much hero!
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Is everything in those servers gonna be made by the Dutch? If not....well, that's not much different than their current messaging software not being made by the Dutch. They're still dependent on outsiders.
They both suck (Score:2)
Both Whatsapp and Signal suck. They rely on a mobile phone number as the identifier. You can't register without having a cell phone. I think you can't even have whatsapp logged on two phones simultaneously. They are full of arbitrary limitations like that. As if they've been designed by idiots from day 1.
Also, while privacy is nice, I want access to all my chat history from a server, and be able to search into it. Having it stored on my cell phone isn't enough.
Re: (Score:2)
They are full of arbitrary limitations like that.
There's nothing arbitrary about it. WhatsApp was a system designed to identify if other people with iPhones have their phone on and are using it. It then expanded into providing messaging. It was fundamentally about being attached to a phone number and never about being a generic communication device. If you want that use a different service.
You not understanding something doesn't make a designer an idiot. In fact you complaining about a service not doing something it wasn't designed to do sort of makes you
Re: (Score:2)
There's nothing arbitrary about it. WhatsApp was a system designed to identify if other people with iPhones have their phone on and are using it.
OK then sorry. It ONLY sucks as a messaging protocol/client. It may not suck as other things nobody cares about, such as being a tool to identify if people with iPhones have their phone on.
It then expanded into providing messaging.
Which is the WHOLE point of Whatsapp. Nobody would be using it if it didn't provide messaging. You know that, right?
It was fundamentally about being attached to a phone number and never about being a generic communication device.
Exactly, that's the fundamental I'm criticizing here. It was a wrong choice to begin with. No messaging service should ever be attached to a phone number.
Re: (Score:2)
Both Whatsapp and Signal suck. They rely on a mobile phone number as the identifier.
Wrong. Sit in it. Just... soak it up [signal.org]
Signal remains the best tool available outside of rolling your own.
Re: (Score:2)
They've added a half-assed "username" afterwards. But it's too little too late:
you will still need a phone number to sign up for Signal
Also, they don't even have a web-based client. I should be able to go to signal.org, register (without requiring a phone number) and start using it from my browser. With complete history of all my past conversations. Until then, it's total crap.
Re: (Score:2)
With complete history of all my past conversations.
Tell us you have less than zero clue what you're whining about, or secure chat, without actually uttering the words.
Shush now. Actual adults conversing.
Re: (Score:2)
Oh I understand there is a compromise to be made here between convenience and privacy. In that case I prefer convenience, though.
Technically, all my chat history could be stored encrypted on a server, and I could have access to all my history without giving up my privacy. That is until someone breaks the encryption, or get access to my password or whatever. So yes the safest is always not to store any history.
And I also understand that storing all my history cost some money. Money signal may not have, given
The problem is funding (Score:2)
Yes. Signal as a non-profit public good is better than WhatsApp as a corporate data sponge.
But if users flocks to Signal, they are no longer going to be able to handle the traffic. They will need more backend infrastructure, which costs. And history has shown that donations typically do not sustain these services. They are going to need a source of revenue. So they start charging, which makes people look for the next free clone or they turn into a data sponge themselves.
People need to accept that services n