WeChat

Warning: *Privacy Not Included with this product

WeChat

Tencent
Wi-Fi

Review date: Sept. 8, 2021

|
|

Mozilla says

|
People voted: Super creepy

WeChat is a hugely popular social media and messaging app owned by Chinese tech giant Tencent. And when we say popular, we mean it’s one of the most downloaded apps in the world, with over a billion active users. It’s also one of the least private messaging apps we've come across. It offers all the features -- text chat, video and voice chat, location sharing, stickers, games, WeChat Pay, and even ways to exercise with your friends. Which is great. Just don't expect anything you do on WeChat to be private.

What could happen if something goes wrong?

Ding! Ding! Ding! WeChat earns our *Privacy Not Included warning label for good reason. WeChat isn't just bad at privacy, it's scary. Where to start? The lack of end-to-end encryption? Not a deal breaker, but not great.The leak of hundreds of millions of private chat logs? Definitely bad! The reported recent banning of LGBTQ friendly and feminist accounts? Yikes! The alleged foreign surveillance and censorship. Terrible! Yes, WeChat has a huge billion+ user base. Yes, it’s very popular and feature rich. But none of that outweighs WeChat's bad track record on privacy and security. The bottom line: we feel the only way to protect your privacy when using WeChat, is to never use WeChat. *Privacy is absolutely not included.

  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

Optional Facebook sign up is available.

What data does the company collect?

How does the company use this data?

WeChat may hand over any data (including communication content) to the government, public, regulatory, judicial and law enforcement bodies or authorities when necessary. In addition, WeChat data can be shared with a number of group companies, including Tencent International Service Europe BV (located in the Netherlands), Tencent International Service Pte. Ltd (located in Singapore), WeChat International Pte Ltd (located in Singapore) and Oriental Power Holdings Limited (located in Hong Kong) and WeChat International (Canada) Limited (located in Canada). WeChat also says they may share user data with a number of third parties. All WeChat users should note, Tencent also operates Weixin, a service interoperable with WeChat, targeted at users in mainland China. In the WeChat privacy policy, they state, "When you interact with a Weixin user, or use or receive notifications from any feature operated by Weixin, please be mindful that your information may be collected, retained, shared and/or stored by Weixin in accordance with the Weixin Privacy Protection Guidelines and not this Privacy Policy." So if you as a WeChat user interact with a Weixin user (and you may not know who on the service is a Weixin users versus a WeChat user), your privacy rights will be only protected as far as the less protective Weixin privacy policy applies.

How can you control your data?

WeChat says that you can delete your account, or remove certain personal information, by logging into your WeChat account and following the account deletion instructions. The company provides clear retention periods for all data. According to a 2019 paper by MIT researchers, at the time, when a user deleted a voice or text message, rather than removing the data from the local database, WeChat simply removed the key storage for the data. However, because this data remained in the local storage, the data was not actually deleted. WeChat has indicated that currently, when a user deletes a message from a chat, the WeChat app will immediately delete both the message key and the content of that message from the user’s local storage.

What is the company’s known track record of protecting users’ data?

Bad

WeChat allegedly censors private conversations automatically in real life, for both Chinese and non-Chinese users. In March 2019, a database of 364 million records of users from China was discovered on the Internet. Each record, drawn from apps like WeChat and QQ, also contained personally identifying Chinese citizen ID numbers, photos, addresses, GPS location data, and info on the type of device being used. The database also sent data back to 17 remote servers in different provinces in China. There is a suspicion that the data gets distributed among police stations. WeChat also reportedly shut down hundreds of LGBTQ+ friendly accounts in July 2021.

Can this product be used offline?

N/A

User-friendly privacy information?

No

Huge and overly complex privacy policy.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Uses encryption but no end-to-end encryption

Strong password

Yes

Password is needed to set up an account. Password must be 8-16 characters and contain both numbers and letters/special characters.

Security updates

Yes

Since its launch in 2011, over 100 updates.

Manages vulnerabilities

Yes

Tencent operates a security response center.

Privacy policy

Yes

Does the product use AI? information

Yes

WeChat runs a WeChat AI hub, which openly focuses on such applications as Speech and Audio recognition, Natural Language Processing, face recognition, content understanding, etc. A major concern is that this AI enables censorship, blocking links, images, topics or audio.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

No

Does the user have control over the AI features?

Can’t Determine

*Privacy Not Included

Dive Deeper

  • Red Vs are after China’s queer community
    Protocol Link opens in a new tab
  • TikTok, WeChat & Co: How does spyware get into smartphones?
    DW Link opens in a new tab
  • Tencent's WeChat suspends new user registration for security compliance
    Reuters Link opens in a new tab
  • How WeChat censors private conversations, automatically in real time
    Technology Review Link opens in a new tab
  • Out in the World: China's WeChat shuts down LGBTQ accounts
    BayAreaReporter Link opens in a new tab
  • LGBTQ activists give voice to China's censored WeChat groups
    Nikkei Asia Link opens in a new tab
  • Chinese censorship invades the U.S. via WeChat
    Washington Post Link opens in a new tab
  • Security in the Face of Censorship
    MIT Link opens in a new tab
  • Outrage over shutdown of LGBTQ WeChat accounts in China
    The Guardian Link opens in a new tab
  • Hundreds of millions of Chinese chat logs leak online
    Financial Times Link opens in a new tab

Comments

Got a comment? Let us hear it.