The View Once option for WhatsApp has been available for Android since June 2021, and has just begun testing on iOS, giving users the ability to toggle the setting before sending anything. Enabling View Once will cause the message to delete itself after the recipient views it, so they can’t go back and check the message again later. It sounds like a straightforward way to address privacy, in theory, but there are several elements that make View Once all but meaningless. “After the controversial changes in their privacy policy at the beginning of this year, WhatsApp is trying to gain users’ trust by including the new privacy-focused features,” Peter Baltazar, technical content writer at MalwareFox, said in an email interview with Lifewire. “The [View Once] feature can be practical if WhatsApp does not let the receivers know that the message is self-deleting. However, unfortunately, that is not the case.”
It’s Not Secure, Actually
The privacy and security angle is the main focus of WhatsApp’s View Once feature, but in practice it doesn’t really provide either of those things. Yes, a View Once message will delete itself after it’s been viewed, but the app currently doesn’t block recipients from taking a screenshot of the message to preserve it. WhatsApp also doesn’t notify senders if a screenshot of their message has been taken. There are ways for WhatsApp to address the screenshot loophole, though. According to Nadav Melnick, vice president of product at Rakuten Viber, who spoke to Lifewire in an email, “there are elegant ways to help users avoid these situations. For example, Netflix blocks screenshots by making the screen blank the moment of the screenshot. This prevents screenshots on their app.” Several apps have proven it’s possible to detect and prevent screenshots from being taken on a mobile device, which means WhatsApp could theoretically do the same. Similarly, while letting senders know their View Once messages have been copied won’t prevent screenshots, it would let the sender know who to avoid in the future. “The application should alert the senders that their messages have been captured. That would be a real privacy feature in the true sense,” said Baltazar, who went on to suggest that “for the View Once messages, WhatsApp should not notify the users about it. This would reduce the chances of taking a screenshot.” Group messaging also presents a problem for WhatsApp users that want to make use of the View Once option. “…There are complexities when sharing a View Once message in a WhatsApp group that contains blocked contacts,” said Professor Michael Huth, co-founder and chief research officer of Xayn, in an email interview. “Those contacts will still be able to view the message after the initial viewing.”
The Bigger Problem
View Once may not be as effective as advertised thanks to a few oversights, but WhatsApp being owned by Facebook is a much more significant issue for users’ privacy and security. Most social media companies have been criticized for the way they handle (or mishandle) user privacy, and Facebook is no exception. While self-deleting messages may sound like a more private and secure form of communication on the surface, Facebook is still collecting that data. “WhatsApp’s View Once messages are an experimental feature focused on user experience in a moment when the company faces harsh criticism regarding their way of handling user data,” said Huth. “With the introduction of ‘View Once’ messaging, Facebook is trying to sugarcoat their general privacy-invading practices.” “Whatever WhatsApp does will have an effect on the user’s phone, but it won’t prevent the company from mining data about the users to sell more ads,” agrees Melnick. “It will probably delete the message from the user device, so in that sense, it will be more private. However, this will not prevent WhatsApp and Facebook from extracting all of the data they do to messages anyway these days.” Unfortunately there’s no way to “fix” these larger privacy issues in WhatsApp without Facebook electing to cease the collection of user data, but there are ways to sidestep them. The most effective and direct method is to simply use a different app. “I strongly recommend using other, more secure messaging services,” said Huth, “such as Signal or Threema.” *Updated to correct Michael Huth’s title.