Anonymous social media app Whisper might be tracking the location of users via GPS or IP address on their smartphones and then handing that info over to the U.S. Department of Defense, according to the Guardian.
The Guardian says that during a three-day trip to discuss a partnership with Whisper, it discovered that the L.A.-based startup was pinpointing user locations within 500 meters, even after some of them had opted out of the ability to be tracked. An estimated 20 percent of users have opted out of geolocation tracking, according to the Guardian report.
Whisper allows millions of users to superimpose messages and personal information onto images and then post them to the app for others to see. Part of its promise is anonymity to those who want an outlet to post secrets or other things they don’t feel free to admit openly. There’s also a large user base of military personnel who have found the app useful in expressing their mental and emotional health after war. An accusation like this would be very concerning to many who have shared personal information and anonymous secrets about themselves or others.
The Guardian also claimed Whisper gave them a simple password to use a back-end analytics tool that helped the reporters find anonymous posts within the company’s large database. Those posts also held information that could identify the street location of those anonymous posters. According to the Guardian, this included one post supposedly coming from within the White House. The Guardian says this information is easily handed over to the Pentagon and other government organizations without a fight.
In a written statement to TechCrunch, a Whisper spokesperson denies the Guardian’s claims: “Whisper does not collect nor store any personally identifiable information from users and is anonymous. There is nothing in our geolocation data that can be tied to an individual user and a user’s anonymity is never compromised. Whisper does not follow or track users. The Guardian’s assumptions that Whisper is gathering information about users and violating user’s privacy are false.”
Whisper’s editor in chief, Neetzan Zimmerman, slammed the Guardian on Twitter, accusing the article of lying and saying the news site would “regret it.”
While you’re downloading or using our mobile applications or Services, we may ask for, access, or track location-based information such as device-provided latitude or longitude, if you have location services enabled for the application. One reason for doing this is to help you explore postings in your area or for us to determine how many postings come from a particular area. However, giving us permission to access or track any location-based data is absolutely voluntary. In fact, you may freely opt into or opt out of location-based portions of our Services at any time. However, please bear in mind that, even if you have disabled location services, we may still determine your city, state, and country location based on your IP address (but not your exact location).
Whisper has released a point-by-point letter it sent to the Guardian about the report. You can view that report below: