by PandaBear123 838 days ago
> 7.5.1. Partner User Location. Any Partner Users that Partner Enlists or provides access to the Interoperable Messaging Services must be located and remain in the EEA. Without limiting Section 11 (Warranties), Partner represents and warrants that it will only (i) Enlist and (ii) enable access to the Interoperable Messaging Services by Partner Users that Partner independently validates are located in the European Economic Area, (i.e., a Partner User must be present within the European Economic Area within any consecutive sixty (60) calendar day period). If WhatsApp detects or otherwise has reasonable grounds to suspect a Partner User Enlisted to receive the Interoperable Messaging Services is not located in the European Economic Area or is no longer located in the EEA, WhatsApp reserves the right to immediately suspend such Partner User(s) from accessing the Interoperable Messaging Services, and if multiple violations are detected, Partner shall remedy Partner's location validation procedures to ensure compliance with the terms of this Agreement.

Looks like interoperability is geo-fenced to Europe only.

3 comments

And that they are reluctantly complying in bad faith in the most hostile way they found. Is this going to fly? Where do these 60 days come from for instance? How is it of any use, and who is going to want to implement such interoperability under such terms?

This reads like a lot of words to say Fuck You Europe to me.

Well, feelings are mutual, at least we are on the same page, them and me.

You may dislike it, but EU law only applies in the EU; it sounds like full compliance to me, not "bad faith" compliance.

Messaging-interoperability is the one aspect of the DMA I don't support. These apps are free to download; and if you care about security (and use Signal) you'll want to avoid cross-service messaging anyway.

> These apps are free to download

Yes but you aren’t truly free to choose which app you download. You have to use the one being used by the people you want to message. That is of strong benefit to incumbents.

Has there been meaningful innovation in messaging? I had free AIM on $3 T-Zones in 2006. So I see no downsides to just forcing interoperability.
Many add a bunch of bloat that I simply do not want. It'd be nice to have a chat app that only does chat.
Meta and Apple are paying for far more bandwidth than what AIM was moving around back then. Very high quality videos, audio, pictures, and gifs not to mention files and group video calls.
Their will. I'm perfectly fine receiving full quality media as files, I don't need meta to reformat my media to reduce their bandwidth bill and train their model, they could redirect me to the original file if I am using another messaging app.
> you aren’t truly free to choose which app you download. You have to use the one

Singular? You'd just use whichever app a given person is on (everyone here has 3+ chat apps installed). Wouldn't network effects only kick in when group chats are involved?

Yes, and failing that, you could simply revert to plain old SMS. IMO, a better course of action would have been forcing WhatsApp to provide an alternative way to access their group chats.

Or alternatively, forcing all phones and carriers to support RCS as a condition for certification, and funding the development of a quality FOSS RCS client.

> You may dislike it, but EU law only applies in the EU;

Even then, that consecutive 60-day limit sounds bizarre. For instance, someone who has dual citizenship could legitimately switch between an EU and a non-EU country every single month. Why shouldn't that person have access to these "Interoperable Messaging Services" when in the EU?

If you switch every month then you will have been present in the EU within any 60-day window?
Literally lawyering up the implementation
This is definitely their tactic, and it may work because they can be incredibly obstreperous at every turn and make the commission fight every small detail tooth and nail up to the highest court.
Why don't you support it?

There are government services that use whatsapp in my country. This argument "just don't use it" is very tired.

Interoperability can be achieved with E2E encryption.

> Interoperability can be achieved with E2E encryption.

On paper yes. But I wouldn't trust it.

https://www.wired.com/story/whatsapp-interoperability-messag...

> There will also be the option, Brouwer says, for third-party developers to add a proxy between their apps and WhatsApp’s server. This, he says, could give developers more “flexibility” and remove the need for them to use WhatsApp’s client-server protocols, but it also “increases the potential attack vectors.”

--

> There are government services that use whatsapp in my country. This argument "just don't use it" is very tired.

I'm saying I wouldn't trust or use interoperability. If something/someone is on WhatsApp I'd do it through WhatsApp. Doesn't mean I can't use Signal with all those who use that.

XMPP
Actually I forgot about iMessage. It’s the only service where forced interoperability makes sense (because you can’t “just download an app”, you’re locked out of the service unless you buy an Apple device), and yet it was excluded. Hopefully the EU changes the law so it applies to iMessage.
In Europe very few people are using iMessage; most of them are using WhatsApp.
Southern Europe yes, further north it's almost no WA and a ton of iMessage.
iMessage already interoperates, with SMS and MMS.
EU law only applies in the EU, but an actor who doesn't respect EU law outside of the EU may be refused business in the EU. I agree the precedents are not strong to propose an outright ban (e.g. Coca Cola murdering trade unionists and forest defenders in South America) but it would perfectly make sense on paper.
Digital services are global. Regulation can be different from physical good regulation.

Heck, in the US even taxes are global

Edit: For US citizens

It seems all companies complying with EU laws (Meta and Apple) spent most resources on lawyers and accountants. To make this unattractive to users and competitors.

Without additional regulations across the globe it’ll be simpler playing the geofencing game for those companies.

That'll just come back to bite them in the ass during round 2

World's most stupendous & drawn out Yak shave, if one thinks about it

Sounds less like "bad faith" and more like "I was hoping that Meta would cave and offer this to everyone, but turns out they don't have to do that because EU jurisdiction ends at EU borders"?
Fair enough.

Now, not sure what I was hoping for. None of my messages currently go through Meta and I'm quite happy with this.

As an implementer, I certainly wouldn't want to police and track my users and their location for a chat service, and as a user I wouldn't want a chat service to track me.

I also certainly don't want to depend on a system which is unreliable because it artificially depends on my or my contacts' position on Earth.

This whole thing sounds like something I will not want to use anyway.

You tend to see similar terms around the "fair use" of free EU roaming.

Some of them even threaten back charges if it turns out you used more data abroad than at the home country over a long enough period.

I called their bluff once and got away with it, but their systems may have improved since then.

So what happens when an EU citizen goes on vacation in the US? No more sharing messages between platforms until they go back home?
This reads as if they can for 60 consecutive days and on day 61 they'd be disconnected from interoperable messaging.
This is so absurd.

I think the previously often raised objections to interoperability were technically and economically mostly sound (federation is much harder to achieve in a secure way, thinking of key distribution, identifier verification etc.).

Now overcoming all of these obstacles and then going the extra mile to implement geofencing (which also has tons of edge cases!) completely undoes that argument.

I don't really see why WhatsApp would care, because once you have developed the interoperability, audited the apps, and done all that, it doesn't really cost WhatsApp anything if a user is using that app. They lose no profit, it doesn't cost their servers any more than their own client would, etc.

WhatsApp makes their money from the business clients/apps (which aren't covered under this, which I think is fine by the way).

So why care where a user is on the planet? I just don't see the business reason for this. Maybe I'm missing something?

For one thing, they can't show ads in third-party clients. (I think they currently only do that in "stories" in their own client at the moment, but without competing clients, they always have the option to expand that.)

On the other hand, I could imagine their business messaging ambitions to be threatened by third-party clients: There's nothing stopping the vendors of these clients from undercutting Meta on business messaging rates.

And this is all assuming that third-party services couldn't provide their own business messaging services to first-party WhatsApp client users without paying Meta their list price. I don't know whether the DMA allows that, or if normal rates would still apply in that case.

The WhatsApp client does give Meta a window of opportunity to get data from users.

The data is otherwise E2E encrypted but when you see a link preview on WhatsApp Meta knows that.

Only the messages are encrypted, but there's a ton of metadata that isn't, e.g. who you talk to, when, where you are when you do so, ...
But in the client is the only time their code touches the actual unencrypted message data.

Also a lot of the data you mentioned will also not be available if you don’t use their client, e.g. if you use the Signal client then Facebook won’t get your location at all, as that’s not part of a regular text message.

Do they actually do that? Because I'm not so sure that they do.
The preview sends a request to some server on a Facebook subdomain. I know because I was sniffing traffic on my phone without any Facebook app installed other than WhatsApp.
Okay, but do they actually use any data from that? What does the privacy policy say? Have any effects been observed beyond "uses a facebook domain" (e.g. you see ads on Facebook for a site you had in preview)? Is there functional reason for using that domain?
Did you see the content of that domain? It might be spam/phishing protection, which can be done in a privacy-preserving way (e.g. sending only a truncated hash of the link TLD to a server and downloading a larger set of blocked domains for local filtering).

At least on my Mac, I also only see connections to the URL domain, nothing to a Facebook subdomain.
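
An added illustration, not part of the thread and not WhatsApp's code: a sketch of the truncated-hash lookup the comment above describes, where the client reveals only a short hash prefix of the link's host and does the final match locally. The blocklist, the 4-byte prefix length and all names here are assumptions constructed for the example.

```python
import hashlib
from urllib.parse import urlsplit

PREFIX_LEN = 4  # bytes of the hash revealed to the server (assumed value)

# Constructed sample blocklist for the example.
BLOCKED_HOSTS = ["malware.example", "phish.example", "login-update.example"]


def host_hash(host: str) -> bytes:
    """SHA-256 of the normalised host name."""
    return hashlib.sha256(host.strip(".").lower().encode("utf-8")).digest()


class Server:
    """Holds full hashes of blocked hosts; clients only ever send a prefix."""

    def __init__(self, hosts):
        self.by_prefix = {}
        for h in hosts:
            digest = host_hash(h)
            self.by_prefix.setdefault(digest[:PREFIX_LEN], set()).add(digest)
        self.seen = []  # everything the server could log about lookups

    def lookup(self, prefix: bytes) -> set:
        # Returns every full hash in the bucket, not a yes/no answer.
        self.seen.append(prefix)
        return self.by_prefix.get(prefix, set())


def is_blocked(url: str, server: Server) -> bool:
    host = urlsplit(url).hostname
    if host is None:
        raise ValueError("URL has no host")
    digest = host_hash(host)
    candidates = server.lookup(digest[:PREFIX_LEN])
    # The final comparison happens on the client, so the server never
    # learns whether the lookup was a hit or which host was checked.
    return digest in candidates


if __name__ == "__main__":
    srv = Server(BLOCKED_HOSTS)
    for link in ("https://phish.example/reset?u=1", "https://news.example/a"):
        print(link, is_blocked(link, srv))
    print("server saw:", [p.hex() for p in srv.seen])
```

The server still learns the client's IP address, the time of each lookup and which hash bucket was queried, so the prefix length trades privacy against the size of the bucket the client has to download.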