Civil society groups write about their concern over the handling of group messages by online messaging services.
This statement was originally published on sflc.in on 1 June 2018.
We, along with other stakeholder organizations and individuals, are issuing an open letter urging Internet-based messaging service providers like WhatsApp, Telegram, Signal and others to make modifications to their platforms so users can no longer be added to group chats without express permission. Highlighting that the current implementation of group chats leave users vulnerable to large-scale harassment and privacy violations, the open letter urges messaging service providers on behalf of the multi-stakeholder community to take immediate corrective action. We call upon other organizations and members of civil society around the world to lend their names and support to this letter.
To,
Chris Daniels
CEO, WhatsApp Inc.
1601 Willow Road
Menlo Park, California 94025
United States of America
Mark Zuckerberg
CEO, Facebook Inc.
1 Hacker Way
Menlo Park, California 94025
United States of America
Pavel Durov
CEO, Telegram Messenger LLP
71 – 75 Shelton Street
Covent Gardent, London
United Kingdom
Moxie Marlinspike
CEO, Signal Foundation
Ma Huateng
CEO, Tencent Holdings Ltd.
Tencent Building, Tower C
No.1081 Hongmei Road, Xuhui District
Shanghai, P.R. China
SUB: Concern over handling of group messages by online messaging services
Sir/Ma’am,
As active users of your online messaging services, and also as members of the global multi-stakeholder community around Information and Communication Technologies, we are writing to express our concern regarding the handling of group messages by your services – specifically, the ability of any user with administrator rights to add any other user to a group without the latter’s express permission. In the absence of a mechanism to prevent themselves from being added to groups that they would not like to participate in, users have no option but to manually exit the groups. This is a troubling state of affairs because users may be forcefully exposed to a range of subjectively undesirable content that they would never have signed up for otherwise, which can be particularly damaging, especially in situations where malicious actors attempt to intimidate, disparage, harass or harm individuals in any way.
For instance, journalists and reporters writing/speaking about controversial topics like political misconduct often face constant harassment from those who seek to subdue criticism. On the Internet, organized troll-groups (and independent trolls) make concerted efforts to prevent engagement on such topics by any means necessary. This frequently involves attacking the journalists/reporters with content (like highly derogatory remarks and false statements) that is designed to break spirits and discredit work. In India, prominent journalists and reporters like Ravish Kumar, Arnab Goswami, Rana Ayyub, and Karuna John among many others have expressed that they face crippling levels of online hate and harassment on a regular basis.
The problem is equally relevant for non-public-personalities as well, especially those belonging to minority and otherwise vulnerable groups. A significant number of women report having been harassed online at some point in their lives, and cyber-bullying against children is on the rise. Members of ethnic/religious minorities are routinely attacked online, as is anyone holding what is perceived to be “unpopular” opinions.
While blocking malicious actors can usually help mitigate the damage to an extent, on online messaging services like yours, they are able to easily circumvent blocks by creating groups and adding their targets to these groups. The problem is only made worse from there as personal information like phone numbers, user IDs and photographs are shared with a large number of users, which opens the doors to even greater abuse. Considering that the Internet is believed to be an important enabler of free speech and open discourse, it is highly unfortunate that a design flaw with group messages is undermining this role of the Internet in a big way. Your services also violate individual privacy as personal information is shared amongst group members without consent. In addition, they fail to observe the “privacy by design” principle – “privacy as default setting” in particular – as they do not provide adequate safeguards to prevent infringement of user rights.
We therefore urge you to take immediate steps to address this issue, and implement measures to make it so that being added to group conversations without permission is no longer a possibility. Not only will this greatly help in limiting abusive uses of your services, but it will also make users less wary of using the services, making the Internet a safer space for us all. We hope you treat this matter with utmost urgency and take corrective measures at the earliest.
Sincerely,
Software Freedom Law Centre, India
Digital Empowerment Foundation
Centre for Internet and Society
Society for Knowledge Commons
Prof. Rahul De, Hewlett-Packard Chair Professor in ICT for Sustainable Economic Development, IIM Bangalore
Faisal Farooqui, CEO, Mouthshut.com
Geeta Seshu, Independent Journalist
Hartosh Singh Bal, Political Editor, The Caravan