Wire ownership changes #1488

New Issue

2019-11-13T04:17:01Z

xDazld commented

2019-11-13 04:17:01 +00:00

(Migrated from github.com)

I believe that it may be worth looking into the current recommendation of Wire because of some issues recently raised about a quiet change in ownership.
Specifically I'm referring to what's been brought up in this thread on Twitter: https://twitter.com/Snowden/status/1194396764293550080
The opinion of @danarel would probably be helpful here, as he's been active on the thread and has already attempted to reach out to Wire.

I believe that it may be worth looking into the current recommendation of Wire because of some issues recently raised about a quiet change in ownership. Specifically I'm referring to what's been brought up in this thread on Twitter: https://twitter.com/Snowden/status/1194396764293550080 The opinion of @danarel would probably be helpful here, as he's been active on the thread and has already attempted to reach out to Wire.

👍 4

danarel commented

2019-11-13 04:29:15 +00:00

(Migrated from github.com)

It's not looking great for Wire. From the outside, it seems as though this is their big push into the US market and are fundraising from VCs to do so. What's alarming is that the VC they are working with right now works w/ insurance and health care companies. All companies who generally profit well from data mining.

Also, VCs will want to be paid back, and the fact Wire is looking for funding says they aren't making enough and are for all intents and purposes, for sale. The new holdings company in the US under the CEOs name doesn't help make this look any better.

All of this violates their Privacy Policy, which makes it look even shadier. Not to mention they recently partnered with the US gov't.

I want to give Wire a chance to answer but they have ignored my requests and countless others.

It's not looking great for Wire. From the outside, it seems as though this is their big push into the US market and are fundraising from VCs to do so. What's alarming is that the VC they are working with right now works w/ insurance and health care companies. All companies who generally profit well from data mining. Also, VCs will want to be paid back, and the fact Wire is looking for funding says they aren't making enough and are for all intents and purposes, for sale. The new holdings company in the US under the CEOs name doesn't help make this look any better. All of this violates their Privacy Policy, which makes it look even shadier. Not to mention they recently partnered with the US gov't. I want to give Wire a chance to answer but they have ignored my requests and countless others.

blacklight447 commented

2019-11-13 06:17:29 +00:00

(Migrated from github.com)

We'll be investigating this matter.

xDazld commented

2019-11-13 12:52:40 +00:00

(Migrated from github.com)

Thought I might point out that Janus Friis, an investor listed on Wire's about page, also owns a startup called Starship. Starship is a couple of spaces above Wire on Morpheus's portfolio page. The connection that creates looks like this isn't a sudden new plan from Wire.

danarel commented

2019-11-13 14:59:47 +00:00

(Migrated from github.com)

Here is their official statement. They have moved to the US and didn’t notify their customers. They broke their own privacy policy.

https://wire.com/en/blog/wire_business_update/

Here is their official statement. They have moved to the US and didn’t notify their customers. They broke their own privacy policy. https://wire.com/en/blog/wire_business_update/

xDazld commented

2019-11-13 17:31:04 +00:00

(Migrated from github.com)

Since we're pretty confident on them violating their policy, I think that's at least grounds to put up a warning about it on the website.
My opinion is that at the least you should display a hard to miss warning about this, but I believe a removal would be justified here.
It's important to remember that there's already a warning about them storing metadata in plain text, so their privacy policy does matter.

Since we're pretty confident on them violating their policy, I think that's at least grounds to put up a warning about it on the website. My opinion is that at the least you should display a hard to miss warning about this, but I believe a removal would be justified here. It's important to remember that there's already a warning about them storing metadata in plain text, so their privacy policy does matter.

danarel commented

2019-11-13 20:00:35 +00:00

(Migrated from github.com)

I think at best a warning is needed for the time being, if not a full removal. I may try and see if I can submit a few questions to them about this change as well since they have finally posted about it.

They still have questions that need to be answered for their non-enterprise users.

I think at best a warning is needed for the time being, if not a full removal. I may try and see if I can submit a few questions to them about this change as well since they have finally posted about it. They still have questions that need to be answered for their non-enterprise users.

danarel commented

2019-11-14 01:58:38 +00:00

(Migrated from github.com)

I recommend it be delisted now. They don’t care about the individual user and say they are focused on security not privacy.

https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/

I recommend it be delisted now. They don’t care about the individual user and say they are focused on security not privacy. https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/

Ruchbah commented

2021-01-11 23:39:21 +00:00

(Migrated from github.com)

I recommend it be delisted now. They don’t care about the individual user and say they are focused on security not privacy.

https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/
—-
Wire director confirmed the ownership, and jurisdiction, is fully Swiss now. Check this thread til the end with Alan Duric responses. https://twitter.com/julian0liver/status/1347827714972114945?s=21

> I recommend it be delisted now. They don’t care about the individual user and say they are focused on security not privacy. > > https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/ —- Wire director confirmed the ownership, and jurisdiction, is fully Swiss now. Check this thread til the end with Alan Duric responses. https://twitter.com/julian0liver/status/1347827714972114945?s=21

danarel commented

2021-01-11 23:47:54 +00:00

(Migrated from github.com)

Wire director confirmed the ownership, and jurisdiction, is fully Swiss now. Check this thread til the end with Alan Duric responses. https://twitter.com/julian0liver/status/1347827714972114945?s=21

That's not really new. In the blog written about the delisting the CEO at the time made the same assertion, and even with that potentially being true we found reasonable cause to delist Wire.

In an interview with TechCrunch, Wire CEO Morten Brøgger said of privacy laws: “We are in Switzerland, which has the best privacy laws in the world” — it’s subject to Europe’s General Data Protection Regulation framework (GDPR) on top of its own local laws — “and Wire now belongs to a new group holding, but there no change in control.”

Even if he is correct, the move and statement do bring up further questions. With Wire now being a US company with contracts partnering it with US federal authorities, will those authorities now have leverage to compel Wire to give up metadata on users? Wire has investors to answer to and will not be able to risk losing large deals with clients like the US federal government. This is of course a hypothetical situation, but one to be considered nonetheless as we decide which services to recommend on PrivacyTools.

Wire also quietly made an adjustment to its own privacy policy. A previous version of the policy (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers? The word "necessary" is an alarming change because "necessary" is purposefully vague terminology that could conceivably be used as a tool to justify any action. This change doesn't leave the user with much confidence as to when the company may share your data.

Read the full reasoning here: https://blog.privacytools.io/delisting-wire/

> Wire director confirmed the ownership, and jurisdiction, is fully Swiss now. Check this thread til the end with Alan Duric responses. https://twitter.com/julian0liver/status/1347827714972114945?s=21 That's not really new. In the blog written about the delisting the CEO at the time made the same assertion, and even with that potentially being true we found reasonable cause to delist Wire. > In an interview with TechCrunch, Wire CEO Morten Brøgger said of privacy laws: “We are in Switzerland, which has the best privacy laws in the world” — it’s subject to Europe’s General Data Protection Regulation framework (GDPR) on top of its own local laws — “and Wire now belongs to a new group holding, but there no change in control.” > > Even if he is correct, the move and statement do bring up further questions. With Wire now being a US company with contracts partnering it with US federal authorities, will those authorities now have leverage to compel Wire to give up metadata on users? Wire has investors to answer to and will not be able to risk losing large deals with clients like the US federal government. This is of course a hypothetical situation, but one to be considered nonetheless as we decide which services to recommend on PrivacyTools. > > Wire also quietly made an adjustment to its own privacy policy. A previous version of the policy (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers? The word "necessary" is an alarming change because "necessary" is purposefully vague terminology that could conceivably be used as a tool to justify any action. This change doesn't leave the user with much confidence as to when the company may share your data. Read the full reasoning here: https://blog.privacytools.io/delisting-wire/

Ruchbah commented

2021-01-12 00:11:12 +00:00

(Migrated from github.com)

Read the full reasoning here: https://blog.privacytools.io/delisting-wire/

One of the links on the privacytools blog is pointing to a page that has been updated in October 2020 (the blog entry itself is much older). Where it clearly states the US entity is fully resigned. Check:
https://rhyhw3lf3snyjh3wgtnt5yc4om-adwhj77lcyoafdy-www-zefix-ch.translate.goog/de/search/entity/list/firm/1116851

> Read the full reasoning here: https://blog.privacytools.io/delisting-wire/ One of the links on the privacytools blog is pointing to a page that has been updated in October 2020 (the blog entry itself is much older). Where it clearly states the US entity is fully resigned. Check: https://rhyhw3lf3snyjh3wgtnt5yc4om-adwhj77lcyoafdy-www-zefix-ch.translate.goog/de/search/entity/list/firm/1116851

danarel commented

2021-01-12 00:15:17 +00:00

(Migrated from github.com)

One of the links on the privacytools blog is pointing to a page that has been updated in October 2020 (the blog entry itself is much older). Where it clearly states the US entity is fully resigned. Check:

Again, the location of Wire was only a small part of why it was delisted. Even being out of the US completely doesn't change the other reasons (such as the bad privacy policy).

Signal, Duck Duck Go, etc are US companies. That isn't something that immediately disqualifies a service. What does is a weak privacy policy and that the CEO purposefully kept the changes a secret because he didn't think it was the public's business.

> One of the links on the privacytools blog is pointing to a page that has been updated in October 2020 (the blog entry itself is much older). Where it clearly states the US entity is fully resigned. Check: Again, the location of Wire was only a small part of why it was delisted. Even being out of the US completely doesn't change the other reasons (such as the bad privacy policy). Signal, Duck Duck Go, etc are US companies. That isn't something that immediately disqualifies a service. What does is a weak privacy policy and that the CEO purposefully kept the changes a secret because he didn't think it was the public's business.

This repo is archived. You cannot comment on issues.