Heyward
You've been caught out in some unethical and likely illegal activity.
This story isn't going away, admit it, change it now while you still have a profit center...
US Senator Jay Rockefeller has sent a terse letter [PDF] to the CEO of "anonymous" messaging app Whisper about its privacy policies. Referring to "questionable" behavior revealed last week, the letter requests a briefing from the company on four issues, each revolving around the fact that Whisper tracks users of its app even …
The only reason they were "caught out" was due to the fact - exclusively IMHO - that Whisper stated that they were tracking a lobbyist.
This display of "concern" educates us on a modus operandi for future defense of privacy: forget complaints, petitions and public outcry, simply violate the privacy of the elite. You'll get results, fast.
Well, that all depends on what the meaning of "is" is. So far the alleged lobbyist is still anonymous in as much as none of us know his/her name, what issues he/she lobbies on, and/or who he/she lobbies. And even with in the Whisper it is entirely possible he's only know as Lobbyist 1138 or some such.
The sad fact of the matter is that Ellison largely got it right: none us have any privacy anymore, only the illusion of it. What privacy we have is mostly in that we never rise far enough above the noise to become a signal worth watching.
Re: "...it is near-impossible to prove a negative."
Whilst technically correct, they could provide comprehensive evidence of the measures they have taken. They could even publish them, since security by obscurity is not exactly bulletproof.
Your argument would make it impossible for any safety critical system to be certified for use (since you can't prove it has no design flaws).
You'll find that safety critical systems are only required to be certified to some standard which addresses known issues, precisely because of Neoc's point. When a new issue becomes known the standard is updated. In the US this is usually accompanied by a flurry of lawyers asserting that the companies making the products and the certifying agency should have known about the previously unknown issue and therefore each and every one of their million plus clients are do millions in damages. Granted it has been quite a few years since I've interacted in any way with any of these groups, but I don't imagine that has changed.
Just about every software developer I know of has an internal focus group & change management system for any and all publicly consumed applications, so unforeseen features and bugs are mitigated. So, for the CEO to say that it all boiled down to the misdoings of one employee is absurd, if not out right comical. That being said, if the programming types implemented such a mechanism, to target and track specific users & IP's AND a mid to high level manager jokes about it, that ability has to be relatively common knowledge within the walls of that company.
His ass and his senior management should be fired immediately and charged with fraud and/or wire tapping. Reason being, they originally billed the product as anonymous, and once they get their fingers caught in the cookie jar, they start back peddling about there being multiple levels of anonymity.
Who wants to bet the guy they claimed to track for the rest of his life, notified his buddies at the Department of Homeland Security, said the magic words "Investigate Them", and now we've got a high powered politician on the case... whom Whisper can't ignore, because said politician has both the balls & the power to Make An Example of their asses if they don't give some *damn* good answers to any & *every* question he asks them?
I mean, tracking Civilians is bad enough, but to have just openly admitted to Unauthorized Surveilence of a Government Employee? Oh yeah, I'll put my money on Whisper going down in flames like a Scientologist Actor's career...
Normally in entertainment if you know with absolute certainly where the plot is going and what the ending will be be there's actually little entertainment in it. It is certain where Whisper is going though just how much circling they do before they gurgle out of sight isn't clear yet. Nevertheless I shall immensely enjoy the show, there hasn't been one so utterly predictable, deserving and amusing since Phorm.
I seem to recall that the 'denials' were along the lines of "We don't track users without their permission. All of this tracking stuff that works, even when the user says 'No' is just for ..um... Quality Control, er, um... <mumble><mumble><mumble>. It's all perfectly legit."
"Mr. Heyward seems like a lesser copy of Mr. Zuckerberg, kind of a likeable, innocent nerd guy who stumbles into piles of privacy doo-doo, over and over again. I suppose it really is just a coincidence."
Well, not innocent really. And I don't think it can be considered "stumbling" into privacy problems when he's wholesale tracking people, using location info when it's turned off in the app, and finding juicy info for journalists and whoever else.
I don't think there's any endgame for Whisper. Heyward could be serious, use proper encryption the whole way, fix the location stuff, and so on, and still nobody's going to trust the service after such egregious past behavior.