Widgets Magazine

Stanford-initiated WhatApp explores Internet privacy

Of the more than 550,000 applications currently on Facebook Platform and the 140,000 applications available for the iPhone, how many offer their users valid privacy and personal security protection? WhatApp.org, an application rate-and-review project spearheaded by Ryan Calo, a law fellow at the Stanford Center for Internet and Society, attempts to answer that question, one application at a time.

WhatApp.org, now in Beta, describes itself as a forum where experienced Internet users and novices alike can assess, comment on and use a five-point scale to rate the privacy and security of a variety of mobile and Internet applications. These include Facebook and iPhone applications, office suites, online mapping programs, toolbar add-ons and media players.

Jonathan Mayer, a graduate student in law and computer science at the Center, wrote in an e-mail to The Daily, “It’s no secret that consumer software often falls short on security and privacy…[I]nforming users is an important first step.”

According to Facebook, 70 percent of its users are connected to at least one application on the Facebook platform.

“There are plenty of people rating and reviewing them, but they’re not doing so on the basis of consumer values like privacy and security,” Calo said.

The rating process begins with experts answering a series of questions on a sliding scale that also includes the option to decline an answer. The questions focus on the privacy, security and openness of various applications. WhatApp summarizes these answers and displays them on its so-called “rating badge,” alongside developers’ notes on the privacy and security of their respective applications.

According to its website, WhatApp “combines traditional consumer reporting and review tools with wikis and news feeds to allow users to make informed choices about the applications they download.”

So far, the website includes reviews and analyses of a few hundred applications–which are growing in number each day–by 26 law and security experts. Users have responded positively to the website, which has yet to encounter issues with application developers whose products are under scrutiny. More than 100,000 people have visited the site.

“We’re very happy about the reception we’ve had,” Calo said. “There have been no interpersonal issues so far–it’s been wonderful.”

The technical aspect of WhatApp, however, has posed a few issues. According to Calo, creating and standardizing criteria by which to judge the security of an application has been very difficult. Effectively evaluating what Calo calls the “back end” of an application presents another difficulty.

“Even experts can’t always figure out exactly how an app is built, so we’ve developed a series of questions [about each application] to try and get around that,” Calo said.

He added that it’s also difficult to keep up reviews and analyses of applications when developers continually release new versions, both with improved and worsened security.

Calo describes WhatApp as a work in progress: although application assessments are added every day, the program is not in a position to comprehensively analyze all the apps on the web.

“WhatApp is by no means a magic bullet, but it is a significant development,” Mayer said.