After looking into Threema, Signal, Riot and Telegram, we come to another messaging app that is heavily used by gamers and more recently has also made it’s mark in the crypto world.....Discord!
It’s geared specifically toward video game players, providing them with a means to find one another, to co-ordinate play and chat whilst playing.
It supports video, voice and text giving users options as to how to interact. Discord has apps for MacOS, Windows, Linux, Android and iOS so pretty versatile........ok, so far so good!
Discord claims that all its messages are encrypted. Whilst this is true to a certain extent, as they are sent over an HTTPS connection, it does NOT mean that they cannot see the content of your messages! All messages, voice, files, pictures etc. are stored on Discord’s servers! They are not encrypted on those servers and so can be read/seen!
This could mean, in theory, that the owners (who have made and recived a huge investment in kit and infrastructure) could be able to use your data for commercial purposes. You become the product!
Discord explicitly confirms in its privacy policy that it collects the following information:
IP Address
Device UUID
User's e-mail address
All text messages
All images
All VOIP data (voice chat)
Open rates for e-mail sent by Discord
So Discord can (and probably does) collect large amounts of sensitive user data.
We monitored the connections and have not seen a messenger who has the potential to collect more data than Discord can! Well, Facebook messenger is probably on a par!
Discord contains a ‘process logger’ which records your operation system and program usage habits. Logs of all other programs that are open on your computer are monitor-able (and collectible) meaning they know what programs you are using and use this in your profile metadata!
By recording your IP address, Discord can track your general location (but only about as precisely as to which county you are in) but if your device has a location service on, they can pretty much track you to wherever you are.
Discord can also tell which devices you use and how much you use each (since Discord is usually open in the background so that it can receive messages). This covers all applications and every time stamp of usage!
Discord records every single interaction you have with other users through its service. This means that Discord logs every conversation you have (through Discord) and records everything that you say and can view every image that you send through the service.
Therefore, very few, if any, of your interactions on Discord are private. Discord's privacy policy also states several times phrases such as "including but not limited to" which is legalese for “it may contain any number of other things that we need not explicitly disclose to you, the user, at this time”.
NB: All code is completely closed and not available in public!
Discord allows integration with other platforms utilizing an opt-in feature refereed to ‘social media integration’. This allows you to sync your ‘persistent user identity’ on Discord with your ‘persistent user identity’ on other platforms such as Facebook, Instagram and Twitter.
Confirmed within it’s privacy policy, Discord states that if you ‘opt in’ they can obtain an undisclosed amount of access to information about you held by the platforms with which you have chosen to link.
There have even been instances of Discord attempting to force users to disclose their telephone numbers, sometimes by logging users out and then requesting their numbers to allow re-connection, all just another way to garner additional metadata about you.
Even though we know Discord has invested heavily or maybe because we know what that can lead them to do, we need to recognize that they do log everything you do including the applications you have installed and use on your devices. They can log all kinds of metadata and then claim all is safe on their servers! No end-to-end encryption of any kind makes this by far the worst messenger when it comes to privacy that we have reviewed (to date!).
Remember that decentralize.today is not writing these reviews to make friends or get shoulder and belly rubs with back links from communities or applications we review. We say it as we see it.....make the reviews as we believe they are and at least try to impart some knowledge and information such that people can make informed decisions as to how much of themselves and their lives they want to give away.
For me, Discord is a stay away application when it comes to privacy and chatting, it’s a great way for gamers to chat, it’s maybe a great way to communicate, but so is Skype, WhatsApp and Facebook messenger, which are beholden to big corporations. Does that make them more or less dangerous? That is your personal decisions. Me? I try to stay away from them all including Discord!
Discord - Secure or not so secure?
