{"id":17443,"date":"2021-04-16T10:30:19","date_gmt":"2021-04-16T17:30:19","guid":{"rendered":"https:\/\/engineering.fb.com\/?p=17443"},"modified":"2022-07-27T11:24:34","modified_gmt":"2022-07-27T18:24:34","slug":"dit","status":"publish","type":"post","link":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/","title":{"rendered":"DIT \u2014 enabling de-identified data collection on WhatsApp"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">At WhatsApp, privacy is our DNA. That\u2019s why we rolled out <\/span><span style=\"font-weight: 400;\">end-to-end encryption<\/span><span style=\"font-weight: 400;\"> in 2016 \u2014 so that when messages are end-to-end encrypted, only you and your intended recipients can see the messages you send. But securing messages and calls is just one part of how we minimize the information we collect in the process of providing a global service.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We\u2019re always looking for ways to improve privacy while maintaining a reliable network that supports more than 100 billion messages and 1 billion calls per day. We\u2019re excited to share that we\u2019ve completed our global roll out of a new method that we are testing to gather usage, reliability and performance data called <\/span><span style=\"font-weight: 400;\">De-identified Telemetry (DIT) <\/span><span style=\"font-weight: 400;\">and are testing it everywhere to ensure that it can support our scale. DIT (formerly known as PrivateStats) aims to further minimize any metadata tied to a specific person or phone number, and ultimately makes WhatsApp even more private.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In order to provide a reliable network at our scale, we need to understand how our service is functioning. To do this we need metrics such as whether messages are delivered and how many people are using various\u00a0 operating systems<\/span><span style=\"font-weight: 400;\">. DIT is built on a proprietary Anonymous Credential System (ACS) that is designed to authenticate data without our server ever learning where the information is gathered from. To date, we rely on data deletion and secure storage protocols to prevent usage information from being tied back to people, but we want to go even further with our privacy protection measures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Combined with other techniques,<\/span><span style=\"font-weight: 400;\"> we believe that DIT will eventually allow us to obtain usage, reliability, and performance data about our service in a de-identified, privacy-protective way\u2014effectively making WhatsApp even more private. For example, we would be able to understand things like how many people have outdated operating system software or which version of WhatsApp they are running without knowing who those people are. We could also understand if messages have been sent successfully without knowing who sent them. These sorts of insights help us better operate, support, and develop WhatsApp\u2019s service, and we\u2019re excited to be testing a way to gather it, without it being tied to a specific user.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">We began building these technologies in early 2020 and even as we are still testing it today, w<\/span><span style=\"font-weight: 400;\">e believe that the underlying techniques can be implemented into other products and use cases beyond messaging. To facilitate that, <\/span><span style=\"font-weight: 400;\">below is a detailed overview of how DIT and the ACS work in their current form, so that the engineering community can benefit from these developments. More information can also be found in <\/span><a href=\"https:\/\/research.fb.com\/wp-content\/uploads\/2021\/04\/DIT-De-Identified-Authenticated-Telemetry-at-Scale_final.pdf\"><span style=\"font-weight: 400;\">our whitepaper<\/span><\/a><span style=\"font-weight: 400;\">.\u00a0\u00a0<\/span><\/p>\n<h2>How can we make authentication de-identified?<\/h2>\n<p><span style=\"font-weight: 400;\">The idea behind DIT is to collect de-identified analytics data from client applications (or \u201cclients\u201d) in a way that is also authenticated, which may sound counterintuitive. To start, we have to explain what types of data can be gathered from a client. This includes usage, performance, and reliability information such as app versions and whether or not a message was sent successfully. Although we collect a minimal amount of information in order to operate our service, and take steps to reduce access to it through secure storage and data deletion, performance, usage, and reliability metadata could ordinarily be associated with an individual in some way due to authentication requirements. But with DIT we\u2019re aiming to change that.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">To gather analytics data in a de-identified and authenticated way, the logging requests from WhatsApp clients cannot contain anyone\u2019s identity or any identifiable information, such as the IP address of the client. To ensure that we are doing this in a secure way, we have to enable this technology while simultaneously ensuring that only logging requests from legitimate WhatsApp clients are accepted.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">At a high level, DIT addresses this conundrum by splitting the logging workflow into two distinct steps. First, WhatsApp clients use an <\/span><i><span style=\"font-weight: 400;\">authenticated<\/span><\/i><span style=\"font-weight: 400;\"> connection to the server to obtain an anonymous token (also referred to as an anonymous credential) in advance. Then, whenever the clients need to upload logs, they send the anonymous token along with the logs in an <\/span><i><span style=\"font-weight: 400;\">unauthenticated<\/span><\/i><span style=\"font-weight: 400;\"> connection to the server. The anonymous token serves as proof that the client is legitimate. To facilitate this, we use ACS to support this workflow.\u00a0<\/span><\/p>\n<h2>The new logging workflow<\/h2>\n<p><span style=\"font-weight: 400;\">Here is how the new logging workflow functions:\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For the first step:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">1.) \u00a0 Initially, the WhatsApp mobile client obtains a batch of tokens from our servers using a<\/span><a href=\"https:\/\/datatracker.ietf.org\/doc\/draft-irtf-cfrg-voprf\/\"> <span style=\"font-weight: 400;\">Verifiable Oblivious Pseudorandom Functions (VOPRF)<\/span><\/a><span style=\"font-weight: 400;\"> scheme. Each token is an evaluation of the VOPRF, with a random string that the client chooses as the input.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">2.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">The client then sends a network request with a token.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">3.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">When a request hits our servers, the authentication server verifies the legitimacy of the request and the ACS, which manages keys for several applications, evaluates the VOPRF using its secret key.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">4.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">The result is returned as the credential to the mobile client via the application server.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For the second step:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u00a01.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">When the WhatsApp mobile client logs telemetry data, it attaches the input associated with the token to the logging request and binds the request with an<\/span><a href=\"https:\/\/hackernoon.com\/hmac-and-mac-explained-how-to-build-secure-authentication-with-jwts-jc8b3ylb\"> <span style=\"font-weight: 400;\">HMAC<\/span><\/a><span style=\"font-weight: 400;\"> applied to the data with a key derived from the token.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">2.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">The application server forwards the request to the ACS, which validates the token and limits the number of times it can be used, then derives the HMAC secret and returns it to the application server.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">3.)<\/span><span style=\"font-weight: 400;\"> \u00a0 <\/span><span style=\"font-weight: 400;\">The application server verifies the integrity of the log and decides whether to proceed with it.<\/span><\/p>\n<figure id=\"attachment_17444\" aria-describedby=\"caption-attachment-17444\" style=\"width: 1024px\" class=\"wp-caption alignnone\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-17444 size-large\" src=\"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?w=1024\" alt=\"De-identified Telemetry (DIT) logging workflow\" width=\"1024\" height=\"882\" srcset=\"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg 2000w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=916,789 916w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=768,661 768w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=1024,882 1024w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=1536,1322 1536w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=96,83 96w, https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/ENG_WhatsApp_V2.jpg?resize=192,165 192w\" sizes=\"auto, (max-width: 992px) 100vw, 62vw\" \/><figcaption id=\"caption-attachment-17444\" class=\"wp-caption-text\">The logging workflow of the De-Identified Telemetry (DIT) system<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">The pseudo-randomness evaluation of the VOPRFs ensures that tokens cannot be linked across different steps, thereby decoupling a person\u2019s identity and log data. The verifiability seeks to help clients ensure they aren\u2019t using maliciously crafted keys, and instead using only valid ones.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Our decision to use VOPRFs for de-identified interactions was inspired by the<\/span><a href=\"https:\/\/datatracker.ietf.org\/doc\/draft-davidson-pp-protocol\/\"> <span style=\"font-weight: 400;\">Privacy Pass protocol<\/span><\/a> <span style=\"font-weight: 400;\">and blind signatures. While Privacy Pass uses VOPRFs to prevent service abuse from third-party browsers, we\u2019ve shown that the same construction can also be useful in first-party data minimization.<\/span><\/p>\n<h2>Deploying DIT at scale<\/h2>\n<p><span style=\"font-weight: 400;\">There are several practical considerations and challenges when deploying DIT and the ACS at scale. Here is how we addressed some significant ones in testing:<\/span><\/p>\n<p><b>The Curve Choice: <\/b><span style=\"font-weight: 400;\">Deciding which encryption curve to use is an important part of the protocol setup. We compared<\/span><a href=\"https:\/\/brilliant.org\/wiki\/rsa-encryption\/\"> <span style=\"font-weight: 400;\">RSA<\/span><\/a><span style=\"font-weight: 400;\"> and<\/span><a href=\"https:\/\/arstechnica.com\/information-technology\/2013\/10\/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography\/\"> <span style=\"font-weight: 400;\">Elliptic curve (EC)-based<\/span><\/a><span style=\"font-weight: 400;\"> VOPRF algorithms and decided to use an EC-based algorithm similar to Privacy Pass, mainly due to Privacy Pass\u2019 path to standardization. Regarding the choice of the EC group, we initially intended to use<\/span><a href=\"https:\/\/ristretto.group\/why_ristretto.html\"> <span style=\"font-weight: 400;\">Ristretto<\/span><\/a><span style=\"font-weight: 400;\"> for EC-VOPRF instantiation, while switching to the existing curve,<\/span><a href=\"https:\/\/www.intechopen.com\/books\/theorizing-stem-education-in-the-21st-century\/implementation-of-elliptic-curve25519-in-cryptography\"> <span style=\"font-weight: 400;\">Curve25519<\/span><\/a><span style=\"font-weight: 400;\">, that was bundled with the app for end-to-end encryption, as WhatsApp has stringent app size requirements. To be mindful of potential<\/span><a href=\"https:\/\/eprint.iacr.org\/2004\/306.ps\"> <span style=\"font-weight: 400;\">static DH attacks<\/span><\/a><span style=\"font-weight: 400;\"> against the Curve25519, we&#8217;ve also incorporated additional mitigations such as more frequent key rotations.<\/span><\/p>\n<p><b>Unlinkability guarantees:<\/b><span style=\"font-weight: 400;\"> I<\/span><span style=\"font-weight: 400;\">f DIT proves to be both reliable and effective at scale,<\/span><span style=\"font-weight: 400;\"> it will eventually allow WhatsApp to understand, for example, how many people have experienced an app crash without knowing which people were impacted by the crash. To facilitate such aggregations, DIT has a pseudonymous identifier for each client that is rotated periodically and sent with the log payload. This lets clients control their pseudonymity while providing useful aggregate information linked by ephemeral identifiers. Along these lines, with weaker unlinkability guarantees, we allow tokens to be re-used a small number of times before they\u2019re invalid to improve the system\u2019s reliability and efficiency. We currently have the limit set at 64 times per day, which allows the vast majority of our clients to go up to an entire day without having to fetch a new token. The re-use of these tokens has no impact on the keys that enable and protect WhatsApp\u2019s end-to-end encryption.<\/span><\/p>\n<p><b>Re-identifiability<\/b><span style=\"font-weight: 400;\">: We reduce the re-identification risk of a VOPRF token by actively measuring the re-identification and joinability potential of the data that\u2019s collected and sounding an alert if the potential exceeds a particular threshold. This allows us to stop gathering telemetry data that has high re-identification potential.<\/span> <span style=\"font-weight: 400;\">We have also added additional protections to mitigate against this risk, including removing the IP address that would have been associated with the anonymous requests at our edge servers so that the logging server does not have access to it. Since we are actively testing DIT, we are still exploring the impact and tradeoffs of this approach, and may end up adjusting it prior to fully deploying and relying on DIT.<\/span><\/p>\n<p><b>Rate limiting:<\/b><span style=\"font-weight: 400;\"> Since we cannot rate limit people during the anonymous redemption of the tokens, we use key rotation to rate limit them. We do this by limiting the number of tokens a single client can request per public key, and rotating the public key to expire the tokens. For redemption requests, the logging server also tracks the number of times a unique credential has been redeemed and rejects the logging request if the credential is already redeemed more times than a preset threshold.<\/span><\/p>\n<p><b>Communication cost<\/b><span style=\"font-weight: 400;\">: Compared with WhatsApp\u2019s existing procedures, DIT\u2019s workflow takes extra steps to fetch the credential prior to the actual logging request and communicates with the ACS in the middle of each step. To save time and reduce the number of round trips to the server, we allow tokens to be reused a few times. We also deploy ACS servers locally in relation to WhatsApp application servers to reduce the latency from cross-region traffic.<\/span><\/p>\n<h2>What\u2019s next for DIT<\/h2>\n<p><span style=\"font-weight: 400;\">Our ethos at WhatsApp has always been to provide a simple, reliable service at scale that preserves the privacy of the people who choose to use it. We believe that additional privacy preserving techniques both at the time of collection, (e.g. local differential privacy), and after collection, (e.g. global differential privacy), can further strengthen our privacy guarantees. There is a long road from testing this technology to fully utilizing it without any redundancies in place, but we are excited to be on this journey. We\u2019re looking forward to seeing how our testing performs and making any necessary refinements .\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">DIT is part of a broader initiative across Facebook to build and deploy features and infrastructure that can further enhance user privacy and minimize data collection. More information about other privacy preserving technologies in development can be found <\/span><a href=\"https:\/\/about.fb.com\/news\/tag\/privacy-matters\/\"><span style=\"font-weight: 400;\">here<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>At WhatsApp, privacy is our DNA. That\u2019s why we rolled out end-to-end encryption in 2016 \u2014 so that when messages are end-to-end encrypted, only you and your intended recipients can see the messages you send. But securing messages and calls is just one part of how we minimize the information we collect in the process [&#8230;]<\/p>\n<p><a class=\"btn btn-secondary understrap-read-more-link\" href=\"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/\">Read More&#8230;<\/a><\/p>\n","protected":false},"author":51,"featured_media":17451,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[65,67,47],"tags":[1687],"coauthors":[1607],"class_list":["post-17443","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-data-infrastructure","category-production-engineering","category-security","tag-whatsapp","fb_content_type-article"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v19.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>DIT \u2014 enabling de-identified data collection on WhatsApp<\/title>\n<meta name=\"description\" content=\"De-identified Telemetry (DIT) aims to further minimize any metadata tied to a specific person or phone number, and ultimately makes WhatsApp even more private.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chris Wiltz\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/\"},\"author\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#author\",\"name\":\"\"},\"headline\":\"DIT \u2014 enabling de-identified data collection on WhatsApp\",\"datePublished\":\"2021-04-16T17:30:19+00:00\",\"dateModified\":\"2022-07-27T18:24:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/\"},\"wordCount\":1750,\"publisher\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/DIT-1.png\",\"keywords\":[\"WhatsApp\"],\"articleSection\":[\"Data Infrastructure\",\"Production Engineering\",\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/\",\"url\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/\",\"name\":\"DIT \u2014 enabling de-identified data collection on WhatsApp\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/DIT-1.png\",\"datePublished\":\"2021-04-16T17:30:19+00:00\",\"dateModified\":\"2022-07-27T18:24:34+00:00\",\"description\":\"De-identified Telemetry (DIT) aims to further minimize any metadata tied to a specific person or phone number, and ultimately makes WhatsApp even more private.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#primaryimage\",\"url\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/DIT-1.png\",\"contentUrl\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2021\\\/04\\\/DIT-1.png\",\"width\":1920,\"height\":1080},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/2021\\\/04\\\/16\\\/security\\\/dit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/engineering.fb.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"DIT \u2014 enabling de-identified data collection on WhatsApp\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#website\",\"url\":\"https:\\\/\\\/engineering.fb.com\\\/\",\"name\":\"Engineering at Meta\",\"description\":\"Engineering at Meta Blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/engineering.fb.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#organization\",\"name\":\"Meta\",\"url\":\"https:\\\/\\\/engineering.fb.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/Meta_lockup_positive-primary_RGB.jpg\",\"contentUrl\":\"https:\\\/\\\/engineering.fb.com\\\/wp-content\\\/uploads\\\/2023\\\/08\\\/Meta_lockup_positive-primary_RGB.jpg\",\"width\":29011,\"height\":12501,\"caption\":\"Meta\"},\"image\":{\"@id\":\"https:\\\/\\\/engineering.fb.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/Engineering\\\/\",\"https:\\\/\\\/x.com\\\/fb_engineering\"]},[]]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"DIT \u2014 enabling de-identified data collection on WhatsApp","description":"De-identified Telemetry (DIT) aims to further minimize any metadata tied to a specific person or phone number, and ultimately makes WhatsApp even more private.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/","twitter_misc":{"Written by":"Chris Wiltz","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#article","isPartOf":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/"},"author":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#author","name":""},"headline":"DIT \u2014 enabling de-identified data collection on WhatsApp","datePublished":"2021-04-16T17:30:19+00:00","dateModified":"2022-07-27T18:24:34+00:00","mainEntityOfPage":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/"},"wordCount":1750,"publisher":{"@id":"https:\/\/engineering.fb.com\/#organization"},"image":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/DIT-1.png","keywords":["WhatsApp"],"articleSection":["Data Infrastructure","Production Engineering","Security &amp; Privacy"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/","url":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/","name":"DIT \u2014 enabling de-identified data collection on WhatsApp","isPartOf":{"@id":"https:\/\/engineering.fb.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#primaryimage"},"image":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/DIT-1.png","datePublished":"2021-04-16T17:30:19+00:00","dateModified":"2022-07-27T18:24:34+00:00","description":"De-identified Telemetry (DIT) aims to further minimize any metadata tied to a specific person or phone number, and ultimately makes WhatsApp even more private.","breadcrumb":{"@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#primaryimage","url":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/DIT-1.png","contentUrl":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/DIT-1.png","width":1920,"height":1080},{"@type":"BreadcrumbList","@id":"https:\/\/engineering.fb.com\/2021\/04\/16\/security\/dit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/engineering.fb.com\/"},{"@type":"ListItem","position":2,"name":"DIT \u2014 enabling de-identified data collection on WhatsApp"}]},{"@type":"WebSite","@id":"https:\/\/engineering.fb.com\/#website","url":"https:\/\/engineering.fb.com\/","name":"Engineering at Meta","description":"Engineering at Meta Blog","publisher":{"@id":"https:\/\/engineering.fb.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/engineering.fb.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/engineering.fb.com\/#organization","name":"Meta","url":"https:\/\/engineering.fb.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/engineering.fb.com\/#\/schema\/logo\/image\/","url":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2023\/08\/Meta_lockup_positive-primary_RGB.jpg","contentUrl":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2023\/08\/Meta_lockup_positive-primary_RGB.jpg","width":29011,"height":12501,"caption":"Meta"},"image":{"@id":"https:\/\/engineering.fb.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/Engineering\/","https:\/\/x.com\/fb_engineering"]},[]]}},"jetpack_featured_media_url":"https:\/\/engineering.fb.com\/wp-content\/uploads\/2021\/04\/DIT-1.png","jetpack_shortlink":"https:\/\/wp.me\/sa0Lhq-dit","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/posts\/17443","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/users\/51"}],"replies":[{"embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/comments?post=17443"}],"version-history":[{"count":6,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/posts\/17443\/revisions"}],"predecessor-version":[{"id":18510,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/posts\/17443\/revisions\/18510"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/media\/17451"}],"wp:attachment":[{"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/media?parent=17443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/categories?post=17443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/tags?post=17443"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/engineering.fb.com\/wp-json\/wp\/v2\/coauthors?post=17443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}