Well, WhatsApp is owned by Facebook. They are a large player, so they are under a bunch of scrutiny.

But at the end of the day, WhatsApp clearly states it takes all this information. They only claim to keep your messages end-to-end encrypted.

I wonder if this applies to text messages only, or to things like voice memos, images/videos, gifs, etc. as well.

WhatsApp doesn’t let you send documents if you don’t give it full access to your files. Sure, maybe they pinky-promise don’t do anything but this is Facebook we’re talking about.

The same caveat goes for photos and videos - you can’t even send a photo if you don’t give it the camera permission and gallery access, something it clearly doesn’t need just to send a single picture.

Additionally, WhatsApp loads previews of websites. Sure, on the privacy violations list that’s pretty low-priority but I’d still like to not have a link contacted before I can take my 3 seconds to look at it and decide wether it’s worth clicking. Especially since a lot of my contacts send obvious scams (“send this message to 10 contacts for a chance to win a free iPhone” type bullshit mostly).

Revoking WhatsApp’s contacts permission will not show peoples’ nicknames - it will only ahow numbers. Yet you have to give yourself a nickname on WhatsApp, so they clearly have some interest in your contacts. Otherwise they wouldn’t block it outright when it’s an already implemented feature to show nicknames for numbers not in the contact list.

All quite suspicious if you ask me. Although I don’t work in cyber security so it’s clearly just incoherent rambing from me.

AFIAK privacy laws are still the same as before we left the EU

I can confirm

Depends. According to the GDPR for any processing of PII you need consent from the data subject or a reasonable basis why you have to act upon the data (your servers communicating with an IP adress is neccesary for your service to function). Saving the adress isn’t, so you need consent or other legislation under which you’re required to store it that trumps the GDPR. That’s the so-called “overriding legitimate interest”. It doesn’t mean “interest = money”, “data = money” therefore “data retention = overruling legitimate interest”.

Keeping leaked data or scraping it from public sources is still problematic since you do nees consent.

If you’re approached as a 3rd party by someone with data who sells them to you you are obliged to make sure the data you’re given has been aquired with consent. Often times checks aren’t in place, and ultimately, if you’re given “bad data” by the intermediary you cab always claim they kenw they should’ve notified you but didn’t.

If you’re scraping leaks, well, there’s no one between you and the data subject who can take the fall. You’ve knowingly collected “bad data” unilaterally.

Yup, it affects all chromium browsers AFAIK

A question: What is preventing the site using one huge cookie for all purposes, thus preventing fully functional use of the site without also enabling all other forms of tracking?

The GDPR was enacted in 2016 and came into effect in 2018. The UK left the EU in 2020.

I don’t think they repealed it. And besides, it applies to EU citizens regardless.

Everyone else’s laws are more or less the same.

The EU and UK have almost identical privacy laws - the GDPR, so Germany having exceptional privacy laws doesn’t hold up. As far as other privacy laws go I think France has a lead on Germany with approximately the same population, so privacy law can’t be the main consideration.

They could’ve just said “Rank the features from one to three accordibg to how much you like it”. This seems unneccessarily more confusing. It isn’t all that cobfusing, but it is an odd way to formulate the question.

I think that’s a good way of measuring “bullshit” in tge surver. The only problem is that you get just one of these questionnaires and a bunch of other questions for the entire survey

As far as I know Google doesn’t let some pretty basic stuff from Crome into Chromium, for example translation (might even go as far as the inbuilt password manager). Potential forks either lose those features or have to implement them seperately.

Now that Manifest v3 is rolling out, apparently Google is able to somehow block the change from being easily reverted which is additional developmental load (or just show ads). Manifest v3 won’t impact Brave too much since it only applies to extensions, while their adblocking is baked-in, but it’s worse than uBO.

Firefox is fully open-source and doesn’t artificially make enabling adblock an issue which might attract more simpler forks (as opposed to Opera, Brave and Edge having companies backing them, Firefox forks mostly have volunteer developers or open source collectives making them).

It’s hard to avoid google products when like 85% of sites have google’s tracjers embedded in them and advertising being their main business.

Google has its own browser, its own search engine, and provides a somewhat easy method to access the majority of the Internet and does it well.

The problem isn’t that it does it well, it’s that it did it well and it doesn’t anymore.

They dominate the market and can afford to make the search AI-inflated bullshit without any revenue losses.

Another part of the problem is the integration. Some google websites are rendered inoperable on Firefox, while others are made to have a worse experience.

A third part is giving its services preferential treatment onstead of having thekr algorithm be unbiased towards in-house services.

Edit:

Once upon a time the best browser game in town was Internet explorer. Similar stuff happened (actually even less blatant then Google). Microsoft basically controlled Web standards. The biggest sin they did was bundle IE with Windows, at least according to the US suit.

For Firefox forks, it’s viable since the forks aren’t doing all that much in the grand scheme of things. That isn’t to say what they’re doing is in any way bad, it’s just that there’s no need to reinvent the wheel.

Firefox is a secure browser and already has 99% of the work done. Most changes which forks make can be done just by changing the config. Some unfortunately have to be made seperately, and that does require extensive testing. Some can even be lifted from other open-source projects.

Separating from source just isn’t viable. Something nuclear would need to happen for any fork to decide to seperate from Firefox. If we just look at the Chromium side of things, Microsoft found it easier to switch to Chromium than to keep making IE/Edge from scratch, and Microsoft surely has a lot of resources to burn.

Would you mind pointing me in the direction of those AIs since the newfangled factcheck bot seems to just pull its data from a premade database, so no AI here on Lemmy

I’d look at it in regarda whether or not Google can get your data (or more somply), do you volountarily connect to Google’s servers: if not (Piped/VPN) I’d count that as being degoogled. If yes (Invidious etc.) you’re still getting the video from Google servers (albeit without ads) but Google still gets their grubby hands on some info about you. By ‘volountary’ I mean if you block connections to Google with e.g. Noscript and keep google enabled (be it tag manager, gstatic, fonts or user-facing services like Youtube). If you have to enable gstatic or tag manager on a few sites because they’re broken, I’d say that’s involountary since it’s not your reliance on Google showing as much as it’s the developers’.

Being 100% disconnected from Google servers is outright impossible these days.

The only correct choice.

It didn’t create the system, and it doesn’t have the power to replace it.

But it does support the system by being a part of it

Yeah. Also, it’s the difference between ads (a very obnoxious thing for 99% of users) and something potentially genuinely useful for a good portion of users like the sign in - I assume the popup isn’t there to annoy us Lemmy users, a large percentage of whom I assume use uBlock Origin and find it annoying, but rather for the ~2-5% of users who wouldn’t bother creating an account but don’t mind signing in with Google due to the convenience (and wouldn’t do so on the signin page). And eveb for us who find it annoying, it isn’t like ads where you’re not supposed to be able to get rid of the popup or the popup being a constant PITA

I think it’s exactly the same as a Doubleclick ad as in it’s a 3rd-party script that adds obnoxious content (be it ads or a signin popup) to the site. I think Doubleclick is owned by google which ironically makes it even more similar than if it was, say, a Facebook popup.