WhatsApp Windows Phone

Privacy in smartphones is always a big deal amongst consumers, so it’s a little odd to see the super popular WhatsApp messaging client have a platform-specific privacy breach regarding geo-location metadata.

The situation is a little convoluted so stick with us when trying to explain.  Photos that are received (not sent) from WhatsApp are automatically tagged with your current location, regardless of your privacy Settings (Applications > Photos + Camera). That means if you were to then pass that photo on to someone else or upload to SkyDrive, your location info will be preserved.

As an example, say Rich Edmonds sends me a photo of his house in the UK. When I save that photo to my gallery in the US (New York), my current location is tagged to that photo. If I were then to email it someone or share it publicly via SkyDrive, you would all see my current location.

Geolocation metadata
GPS info tagged by WhatsApp to a saved image from a user in the UK

Oddly enough, this behavior seems to be restricted to just the Windows Phone version of WhatsApp, as opposed to iOS and Android.  We also tried it on Kik and were unable to replicate the result (indeed Kik strips metadata automatically, so nothing is revealed or added).

The good news is the app is not tagging your photos with your location that you are sending to people, which would be a lot worse. In our case, we rarely download photos from friends and then pass them on to others (and if we sent it to another Windows Phone, it would ironically be over-written by that user’s location data).

Still, it’s discomforting to have your specific GPS coordinates stored unknowingly in your photo gallery. It also raises the question as to why WhatsApp is constantly accessing your geo-location information. Often, ads are targeted based on our current locale so having your info picked up in an app is the norm. But WhatsApp has no ads, which means this must be a side-effect of the optional “share your location” feature (powered by Foursquare). Clearly WhatsApp is constantly accessing your phone’s location for quick revelation when called upon by the user. The problem here is that the app is wrongfully using that info all the time to tag your saved images.

We’ll of course reach out to WhatsApp and Nokia (who are helping them with development) to see if this can be resolved. For now, you’ll want to think twice about passing on photos received from friends or until WhatsApp easily patches this bug.

Thanks, Amir, for the heads up