| Sysop: | Amessyroom |
|---|---|
| Location: | Fayetteville, NC |
| Users: | 23 |
| Nodes: | 6 (0 / 6) |
| Uptime: | 54:55:03 |
| Calls: | 583 |
| Files: | 1,139 |
| D/L today: |
179 files (27,921K bytes) |
| Messages: | 111,802 |
I am under pressure to join WhatsApp but I do *not* want to allow
access to my entire contact list (as I take the view that I do not
have the permission of my contacts to use their data in this way). I
am using an iPhone (iOS v18.6)
Am I correct that I can set WhatsApp to permit limited contacts only
so that only those who explicitly ask will be linked with my phone
contacts? If I refuse access altogether. Would WhatsApp still work but
not show the name of the caller? Can WhatsApp create its own contact
list instead, independent of my phone contacts?
Please don't tell me I am being paranoid as it is my phone and my
choice what it can and cannot do.
Scott <newsgroups@gefion.myzen.co.uk> wrote:
I am under pressure to join WhatsApp but I do *not* want to allow
access to my entire contact list (as I take the view that I do not
have the permission of my contacts to use their data in this way). I
am using an iPhone (iOS v18.6)
Am I correct that I can set WhatsApp to permit limited contacts only
so that only those who explicitly ask will be linked with my phone
contacts? If I refuse access altogether. Would WhatsApp still work but
not show the name of the caller? Can WhatsApp create its own contact
list instead, independent of my phone contacts?
I haven't used WA on recent iOS but if you deny WA access to all contacts >then it still works but just shows numbers instead of names. You can still >use profile pics to identify people. It used to refuse to work point blank >without contacts access on Android, but on iOS it's not allowed to refuse.
It looks like iOS 18 has a new feature called 'Contact Access' which allows >you to choose which contacts it can see - I've not tried that but there's a >demo (intended for developers) here: >https://www.youtube.com/watch?v=X2QOqvQDjXU
If you deny access to all contacts then you can't create chats to new >numbers, but there's a workaround. Enter the following in the web browser:
wa.me/+441234567890
ie
https://wa.me/+441234567890
and it'll launch WA with a new chat to that number.
Please don't tell me I am being paranoid as it is my phone and my
choice what it can and cannot do.
You're not paranoid, Facebook really is out to get you.
I am under pressure to join WhatsApp but I do *not* want to allow
access to my entire contact list (as I take the view that I do not
have the permission of my contacts to use their data in this way). I
am using an iPhone (iOS v18.6)
Am I correct that I can set WhatsApp to permit limited contacts only
so that only those who explicitly ask will be linked with my phone
contacts? If I refuse access altogether. Would WhatsApp still work but
not show the name of the caller? Can WhatsApp create its own contact
list instead, independent of my phone contacts?
Please don't tell me I am being paranoid as it is my phone and my
choice what it can and cannot do.
Scott <newsgroups@gefion.myzen.co.uk> wrote:
I am under pressure to join WhatsApp but I do *not* want to allow
access to my entire contact list (as I take the view that I do not
have the permission of my contacts to use their data in this way). I
am using an iPhone (iOS v18.6)
Am I correct that I can set WhatsApp to permit limited contacts only
so that only those who explicitly ask will be linked with my phone
contacts? If I refuse access altogether. Would WhatsApp still work
but not show the name of the caller? Can WhatsApp create its own
contact list instead, independent of my phone contacts?
I haven't used WA on recent iOS but if you deny WA access to all
contacts then it still works but just shows numbers instead of names.
You can still use profile pics to identify people. It used to
refuse to work point blank without contacts access on Android, but on
iOS it's not allowed to refuse.
It looks like iOS 18 has a new feature called 'Contact Access' which
allows you to choose which contacts it can see - I've not tried that
but there's a demo (intended for developers) here: https://www.youtube.com/watch?v=X2QOqvQDjXU
If you deny access to all contacts then you can't create chats to new numbers, but there's a workaround. Enter the following in the web
browser:
wa.me/+441234567890
ie
https://wa.me/+441234567890
and it'll launch WA with a new chat to that number.
Please don't tell me I am being paranoid as it is my phone and my
choice what it can and cannot do.
You're not paranoid, Facebook really is out to get you.
Theo
On 20:27 1 Aug 2025, Theo said:
Scott <newsgroups@gefion.myzen.co.uk> wrote:
I am under pressure to join WhatsApp but I do *not* want to allow
access to my entire contact list (as I take the view that I do not
have the permission of my contacts to use their data in this way). I
am using an iPhone (iOS v18.6)
Am I correct that I can set WhatsApp to permit limited contacts only
so that only those who explicitly ask will be linked with my phone
contacts? If I refuse access altogether. Would WhatsApp still work
but not show the name of the caller? Can WhatsApp create its own
contact list instead, independent of my phone contacts?
I haven't used WA on recent iOS but if you deny WA access to all
contacts then it still works but just shows numbers instead of names.
You can still use profile pics to identify people. It used to
refuse to work point blank without contacts access on Android, but on
iOS it's not allowed to refuse.
You write: "It used to refuse to work point blank without contacts
access on Android". Is that still true? I would like to use WhatsApp on Android with giving it access to my contacts.
It looks like iOS 18 has a new feature called 'Contact Access' which
allows you to choose which contacts it can see - I've not tried that
but there's a demo (intended for developers) here:
https://www.youtube.com/watch?v=X2QOqvQDjXU
If you deny access to all contacts then you can't create chats to new
numbers, but there's a workaround. Enter the following in the web
browser:
wa.me/+441234567890
ie
https://wa.me/+441234567890
and it'll launch WA with a new chat to that number.
Please don't tell me I am being paranoid as it is my phone and my
choice what it can and cannot do.
You're not paranoid, Facebook really is out to get you.
Theo
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley <that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts
access on Android". Is that still true? I would like to use WhatsApp on
Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account
- if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the caller's number each time?
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts
access on Android". Is that still true? I would like to use WhatsApp on >>>> Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account
- if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the
caller's number each time?
The contacts appear with the name which I gave them in my contacts list >(like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley <that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts
access on Android". Is that still true? I would like to use WhatsApp on >>>>> Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account >>>> - if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the
caller's number each time?
The contacts appear with the name which I gave them in my contacts list
(like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the
contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
On 24/08/2025 10:00, Scott wrote:
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>> access on Android". Is that still true? I would like to use WhatsApp on >>>>>> Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account >>>>> - if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the
caller's number each time?
The contacts appear with the name which I gave them in my contacts list
(like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >>> contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
It worked last time I tried it. Its a pain. Install it and then when it
asks deny it permission. As I said this is largely futile because 99% of >users give it permission. All this does is stop it telling you which of
your contacts use WhatsApp. Every other WhatsApp user with you in their >contact list will know you are on WhatsApp, because they let it see
their contacts.
On Sun, 24 Aug 2025 11:15:43 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 24/08/2025 10:00, Scott wrote:
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>> access on Android". Is that still true? I would like to use WhatsApp on >>>>>>> Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account >>>>>> - if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the >>>>> caller's number each time?
The contacts appear with the name which I gave them in my contacts list >>>> (like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >>>> contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
It worked last time I tried it. Its a pain. Install it and then when it
asks deny it permission. As I said this is largely futile because 99% of
users give it permission. All this does is stop it telling you which of
your contacts use WhatsApp. Every other WhatsApp user with you in their
contact list will know you are on WhatsApp, because they let it see
their contacts.
But I think it means that legally I have not disclosed any personal
data to WhatsApp without permission of the data subject.
On Sun, 24 Aug 2025 11:15:43 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 24/08/2025 10:00, Scott wrote:
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>> access on Android". Is that still true? I would like to use WhatsApp on >>>>>>> Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account >>>>>> - if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone).
Does it keep a local list of contacts or do you have to recognise the >>>>> caller's number each time?
The contacts appear with the name which I gave them in my contacts list >>>> (like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >>>> contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
It worked last time I tried it. Its a pain. Install it and then when it
asks deny it permission. As I said this is largely futile because 99% of
users give it permission. All this does is stop it telling you which of
your contacts use WhatsApp. Every other WhatsApp user with you in their
contact list will know you are on WhatsApp, because they let it see
their contacts.
But I think it means that legally I have not disclosed any personal
data to WhatsApp without permission of the data subject.
Scott <newsgroups@gefion.myzen.co.uk> wrote:
On Sun, 24 Aug 2025 11:15:43 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 24/08/2025 10:00, Scott wrote:
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>>> access on Android". Is that still true? I would like to use WhatsApp on
Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account >>>>>>> - if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone). >>>>>> Does it keep a local list of contacts or do you have to recognise the >>>>>> caller's number each time?
The contacts appear with the name which I gave them in my contacts list >>>>> (like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >>>>> contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
It worked last time I tried it. Its a pain. Install it and then when it >>> asks deny it permission. As I said this is largely futile because 99% of >>> users give it permission. All this does is stop it telling you which of >>> your contacts use WhatsApp. Every other WhatsApp user with you in their >>> contact list will know you are on WhatsApp, because they let it see
their contacts.
But I think it means that legally I have not disclosed any personal
data to WhatsApp without permission of the data subject.
As an individual there aren't any legal requirements to protect personal >information for purely "personal or household activity".
In fact it only uploads a hash of the numbers so you do not disclose personal information no matter what you do.
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose
personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a significant proportion of possible phone numbers, it seems to me that
they have the resources to do a brute force attack, if they wanted to.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a
way which is compatible with the various acts it can be assumed it will...
On 25/08/2025 14:02, David Woolley wrote:
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose
personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me that
they have the resources to do a brute force attack, if they wanted to.
in violation of the T&Cs and open them up to a class action in the US.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a
way which is compatible with the various acts it can be assumed it will...
.. oh and if any one WAS the secretary of a membership organisation, but
no longer is, then any contact details disclosed to them as part of that >role MUST be deleted after they leave the role...
On 25/08/2025 14:02, David Woolley wrote:
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do notIf I understand the mechanism, they would not be able to salt the
disclose personal information no matter what you do.
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me
that they have the resources to do a brute force attack, if they
wanted to.
in violation of the T&Cs and open them up to a class action in the US.
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose
personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me that
they have the resources to do a brute force attack, if they wanted to.
in violation of the T&Cs and open them up to a class action in the US.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a
way which is compatible with the various acts it can be assumed it will... >>
.. oh and if any one WAS the secretary of a membership organisation, but
no longer is, then any contact details disclosed to them as part of that
role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
On Mon, 25 Aug 2025 06:58:14 -0000 (UTC), Chris <ithinkiam@gmail.com>
wrote:
Scott <newsgroups@gefion.myzen.co.uk> wrote:
On Sun, 24 Aug 2025 11:15:43 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 24/08/2025 10:00, Scott wrote:
On Sun, 24 Aug 2025 06:57:34 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>>>> access on Android". Is that still true? I would like to use WhatsApp on
Android with giving it access to my contacts.
I have WhatsApp running ok on an Android phone WITHOUT a google account
- if thats of any interest
(I assume "with giving" is a typo ? )
This is essentially what I am looking to achieve (but with iPhone). >>>>>>> Does it keep a local list of contacts or do you have to recognise the >>>>>>> caller's number each time?
The contacts appear with the name which I gave them in my contacts list >>>>>> (like "Mrs Squeaky" for example) - so WhatsApp clearly has access to the >>>>>> contact list, although I dont remember being asked about it.
Profile pictures are also displayed.
I misunderstood that. I thought you were saying that WhatsApp could
function without access to contacts. I need to explore further.
It worked last time I tried it. Its a pain. Install it and then when it >>>> asks deny it permission. As I said this is largely futile because 99% of >>>> users give it permission. All this does is stop it telling you which of >>>> your contacts use WhatsApp. Every other WhatsApp user with you in their >>>> contact list will know you are on WhatsApp, because they let it see
their contacts.
But I think it means that legally I have not disclosed any personal
data to WhatsApp without permission of the data subject.
As an individual there aren't any legal requirements to protect personal
information for purely "personal or household activity".
Yes, I am aware of that. However, I was membership secretary of an organisation and added a note to the renewal form stating that
membership data is held on a computer database and will not be shared
with any other organisation. I am therefore uneasy about allowing
WhatsApp access to my contacts list as it contains some of the mobile numbers.
On 25/08/2025 18:10, Scott wrote:
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose >>>>> personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me that
they have the resources to do a brute force attack, if they wanted to.
in violation of the T&Cs and open them up to a class action in the US.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a
way which is compatible with the various acts it can be assumed it will... >>>
.. oh and if any one WAS the secretary of a membership organisation, but >>> no longer is, then any contact details disclosed to them as part of that >>> role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
I believe much of GDPR is non-sense. If the information was given on a >membership form, and you are no longer the membership secretary, then
yes you must delete it. It wasn't given to you, it was given to the
club. If you want your own copy then you have to ask again.
On Mon, 25 Aug 2025 19:14:37 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 18:10, Scott wrote:I can see a logical and practical difficulty in asking again after
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:When it comes to things like Data Protection you do not need to read
In fact it only uploads a hash of the numbers so you do not disclose >>>>>> personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a >>>>> significant proportion of possible phone numbers, it seems to me that >>>>> they have the resources to do a brute force attack, if they wanted to. >>>> Many people could do many things if they wished but the above would be >>>> in violation of the T&Cs and open them up to a class action in the US. >>>>
between the lines. Surely if your contract says they will use data in a >>>> way which is compatible with the various acts it can be assumed it will... >>>>
.. oh and if any one WAS the secretary of a membership organisation, but >>>> no longer is, then any contact details disclosed to them as part of that >>>> role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
I believe much of GDPR is non-sense. If the information was given on a
membership form, and you are no longer the membership secretary, then
yes you must delete it. It wasn't given to you, it was given to the
club. If you want your own copy then you have to ask again.
deleting the contact data. If I received a Christmas card from the
individual concerned last year, can I treat this as implied consent?
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>>>> access on Android". Is that still true? I would like to use WhatsApp on
Android with giving it access to my contacts.
Yes, I am aware of that. However, I was membership secretary of an organisation and added a note to the renewal form stating that
membership data is held on a computer database and will not be shared
with any other organisation. I am therefore uneasy about allowing
WhatsApp access to my contacts list as it contains some of the mobile numbers.
On 25/08/2025 09:57, Scott wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without >>>>>>>>>> contacts
access on Android". Is that still true? I would like to use >>>>>>>>>> WhatsApp on
Android with giving it access to my contacts.
Yes, I am aware of that. However, I was membership secretary of an
organisation and added a note to the renewal form stating that
membership data is held on a computer database and will not be shared
with any other organisation. I am therefore uneasy about allowing
WhatsApp access to my contacts list as it contains some of the mobile
numbers.
-aCould you set an additional user on the phone with access to the
WhatsApp app but no access to the contacts ? I presume you would then
use WhatsApp when convenient and might not receive notifications immediately.
On 25/08/2025 09:57, Scott wrote:
On 23/08/2025 10:11, Scott wrote:
On Sat, 23 Aug 2025 08:49:42 +0100, Abandoned Trolley
<that.bloke@microsoft.com> wrote:
You write: "It used to refuse to work point blank without contacts >>>>>>>>>> access on Android". Is that still true? I would like to use WhatsApp on
Android with giving it access to my contacts.
Yes, I am aware of that. However, I was membership secretary of an
organisation and added a note to the renewal form stating that
membership data is held on a computer database and will not be shared
with any other organisation. I am therefore uneasy about allowing
WhatsApp access to my contacts list as it contains some of the mobile
numbers.
Could you set an additional user on the phone with access to the WhatsApp app but no access to the contacts ? I presume you would then use WhatsApp when convenient and might not receive notifications immediately.
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose
personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me that
they have the resources to do a brute force attack, if they wanted to.
in violation of the T&Cs and open them up to a class action in the US.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a
way which is compatible with the various acts it can be assumed it will... >>
.. oh and if any one WAS the secretary of a membership organisation, but
no longer is, then any contact details disclosed to them as part of that
role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
Scott <newsgroups@gefion.myzen.co.uk> wrote:
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:Many people could do many things if they wished but the above would be
In fact it only uploads a hash of the numbers so you do not disclose >>>>> personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a
significant proportion of possible phone numbers, it seems to me that >>>> they have the resources to do a brute force attack, if they wanted to.
in violation of the T&Cs and open them up to a class action in the US.
When it comes to things like Data Protection you do not need to read
between the lines. Surely if your contract says they will use data in a >>> way which is compatible with the various acts it can be assumed it will... >>>
.. oh and if any one WAS the secretary of a membership organisation, but >>> no longer is, then any contact details disclosed to them as part of that >>> role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
You've stipulated that you don't want to share the data because of your
data protection obligation. You can't now claim it is for "domestic >purposes". Either you got the personal data under your remit as part of an >organisation or they are personal contacts. You can't have it both ways.
You should have asked all involved for permission to keep the details as >personal contacts.
On Tue, 26 Aug 2025 16:07:54 -0000 (UTC), Chris <ithinkiam@gmail.com>
wrote:
Scott <newsgroups@gefion.myzen.co.uk> wrote:
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:When it comes to things like Data Protection you do not need to read
In fact it only uploads a hash of the numbers so you do not disclose >>>>>> personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the
hashes, so, given that WA operates on a scale where it knows about a >>>>> significant proportion of possible phone numbers, it seems to me that >>>>> they have the resources to do a brute force attack, if they wanted to. >>>> Many people could do many things if they wished but the above would be >>>> in violation of the T&Cs and open them up to a class action in the US. >>>>
between the lines. Surely if your contract says they will use data in a >>>> way which is compatible with the various acts it can be assumed it will... >>>>
.. oh and if any one WAS the secretary of a membership organisation, but >>>> no longer is, then any contact details disclosed to them as part of that >>>> role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it
not then become exempt with no need to delete? Otherwise, the 'holder'
would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
You've stipulated that you don't want to share the data because of your
data protection obligation. You can't now claim it is for "domestic
purposes". Either you got the personal data under your remit as part of an >> organisation or they are personal contacts. You can't have it both ways.
You are right of course in principle but it is impossible in practice
to determine now who gave me their number in my capacity as membership secretary and who gave me their number for social contact. I am
compromising between retention and sharing by taking the view that the numbers can stay in my personal contact list but not be shared with third-party WhatsApp.
You should have asked all involved for permission to keep the details as
personal contacts.
It would be irregular if not spooky for a membership secretary to ask
each member for permission to store their number for personal use.
.. oh and if any one WAS the secretary of a membership organisation, but
no longer is, then any contact details disclosed to them as part of that role MUST be deleted after they leave the role...
Scott <newsgroups@gefion.myzen.co.uk> wrote:
On Tue, 26 Aug 2025 16:07:54 -0000 (UTC), Chris <ithinkiam@gmail.com>
wrote:
Scott <newsgroups@gefion.myzen.co.uk> wrote:You are right of course in principle but it is impossible in practice
On Mon, 25 Aug 2025 14:13:31 +0100, David Wade <g4ugm@dave.invalid>
wrote:
On 25/08/2025 14:02, David Woolley wrote:Are you sure it is as clear-cut as that? If the information is used
On 25/08/2025 08:45, David Wade wrote:When it comes to things like Data Protection you do not need to read >>>>> between the lines. Surely if your contract says they will use data in a >>>>> way which is compatible with the various acts it can be assumed it will...
In fact it only uploads a hash of the numbers so you do not disclose >>>>>>> personal information no matter what you do.
If I understand the mechanism, they would not be able to salt the >>>>>> hashes, so, given that WA operates on a scale where it knows about a >>>>>> significant proportion of possible phone numbers, it seems to me that >>>>>> they have the resources to do a brute force attack, if they wanted to. >>>>> Many people could do many things if they wished but the above would be >>>>> in violation of the T&Cs and open them up to a class action in the US. >>>>>
.. oh and if any one WAS the secretary of a membership organisation, but >>>>> no longer is, then any contact details disclosed to them as part of that >>>>> role MUST be deleted after they leave the role...
for domestic purposes, such as the sending of Christmas cards, does it >>>> not then become exempt with no need to delete? Otherwise, the 'holder' >>>> would be required to seek consent for a purpose that is exempt, which
would be nonsensical.
You've stipulated that you don't want to share the data because of your
data protection obligation. You can't now claim it is for "domestic
purposes". Either you got the personal data under your remit as part of an >>> organisation or they are personal contacts. You can't have it both ways. >>
to determine now who gave me their number in my capacity as membership
secretary and who gave me their number for social contact. I am
compromising between retention and sharing by taking the view that the
numbers can stay in my personal contact list but not be shared with
third-party WhatsApp.
You should have asked all involved for permission to keep the details as >>> personal contacts.
It would be irregular if not spooky for a membership secretary to ask
each member for permission to store their number for personal use.
What's more irregular is that the secretary has given all the membership's >personal details to Scott without permission. This is a breach of UK >GDPR/DPA. You should definitely remove data you know you don't have >permission to have.
It's feels "spooky" because it is wrong.