It turns out Whisper — the social networking app that lets users post messages to the service anonymously — may have been tracking its users’ locations, sometimes even after the users opted out of the service’s geolocation features.
That information has occasionally been shared with the U.S. government, including agencies such as the Pentagon, using a lower legal standard than is commonly used by other tech companies, according to an in-depth report by The Guardian.
Reporters from The Guardian recently visited Whisper’s headquarters in Los Angeles. What they discovered over the course of three days showed that Whisper not only kept tabs on accounts it deemed interesting — “military personnel,” a “sex-obsessed lobbyist,” and political staffers, to name a few — but that it retained that information for far longer than its Web site suggested.
Whisper reportedly told The Guardian it “occasionally” uses user IP addresses but does not store usernames, phone numbers or personally identifiable information. Speaking to my colleague Tim Herrera, Whisper editor-in-chief Neetzan Zimmerman called the Guardian report a “pack of vicious lies.” In a statement, Whisper spokeswoman Tracy Akselrud said the company is not sharing “specific user data with any organization” but was working with the Defense Department on a study about post-traumatic stress disorder.
When a user opted out of the geolocation tracking feature, which allows users to see Whisper posts that are “nearby,” Whisper was still able to collect rough location data on a case-by-case basis from certain users’ phones, according to The Guardian. When Whisper found out that The Guardian was preparing its story for publication, the company reportedly rewrote its terms of service to allow the collection of general geolocation data even when users have turned off the feature.