WhatsApp sends Cease & Desists for apps that use native Android APIs
WhatsApp is one of the most popular applications available on smartphones to date with over a billion active users per day. Bought by Facebook back in 2014 for $19 billion, skeptics feared how the application would be managed from there on out. Fortunately for users, it seems that little has changed despite some concerning developments behind the scenes. Unfortunately for developers, there’s been one area where we wish the company had changed: their stance towards third-party developers. The company is sending out a new round of Cease and Desist letters to independent Android app developers, but this time their claims have a lot less merit.
What’s up with WhatsApp?
WhatsApp is one of the largest services on the planet so it’s no surprise to see them aggressively protect their brand by preventing abuse of their platform. That’s perfectly fine and why we can understand why the company previously went after third-party clients even if we don’t agree with the decision. Applications that use a service’s APIs are walking a tightrope because the service can change their API’s Terms of Service whenever they want to kill third-party clients (so long as they inform users of any changes). Developers of third-party Twitter clients know this all too well.
But that’s not what’s happening this time. A legal firm representing WhatsApp has sent Cease and Desist letters to at least two independent Android app developers – the developers behind Can’t Talk and DirectChat – demanding that they remove functionality from their app or face litigation. Neither of these applications uses any code from or interfacing with the WhatsApp service. Rather, these applications utilize standard Android APIs, Notification Listener and Direct Reply, to function. Thus, the demands to strip these apps of any functionality related to WhatsApp is dubious at best, and malicious at worst.
You can view a redacted version of the Cease and Desist letter below that the developers received from the legal firm representing WhatsApp. XDA-Developers can confirm the authenticity of the original letter. We have reached out to WhatsApp’s parent company, Facebook, for comment.
Breaking down the Cease and Desist letter
There are a number of claims made by the letter which does not accurately reflect the functionality of each application with respect to their WhatsApp integrations. Let’s break down some of these claims:
- “You agreed to these Terms of Service by installing, accessing, or using the WhatsApp Services.”
- Neither of these applications uses any APIs from the service. Further, the developers never agreed to the Terms of Service in the first place because they aren’t using any of their APIs.
- “Reverse engineer, alter, modify, create derivative works from, decompile, or extract code from the WhatsApp Services.”
- Neither of these applications is WhatsApp specific and make use of native Android APIs rather than any code from WhatsApp itself.
- “Gain or attempt to gain unauthorized access to the WhatsApp Services or systems.”
- By that logic, Android itself violates the ToS as it processes each notification and keeps a log of notifications.
- “Collect the information of or about WhatsApp’s users in any impermissible or unauthorized manner”
- The users explicitly download and install this app on their own.
- “Sell, resell, rent, or charge for the WhatsApp Services”
- The apps do not rent or sell access to the service. Both apps can’t function unless the original WhatsApp application is installed.
Nearly every claim in the letter is faulty or is too vague to address how the apps violate these terms. Nevermind the fact that none of the developers behind these apps agreed to any ToS in the first place, making these agreements moot anyway. The letter does state that the list of alleged violations is non-exhaustive, though. Unless there is a term not covered here that these applications violated, then we fail to see how these apps violate the ToS. Even the use of the WhatsApp brand name in the Play Store description for each app might violate their trademark and not the ToS.
The developers have seven days to comply or they will presumably face a lawsuit. Can’t Talk has already been removed from the Play Store while the developer evaluates their options, while the DirectChat app is still available but may be altered to remove access to the WhatsApp integration. Removal of the integration would deal a major blow to each app since the majority of their users are likely using these apps for that specific integration – WhatsApp has over a billion active users each day after all.
Applications that received Cease and Desist letters
Can’t Talk‘s premise is simple. All it does is automatically reply to people when you aren’t around, making use of the quick reply (RemoteInput) API native to Android. If you’re driving a car, watching a movie, or simply don’t want to talk at the time, then the application can reply for you with a preset message. It can also send a text to somebody who tried to call you as well. It’s a paid application if you want to support more than SMS and calls, such as WhatsApp, Slack, and a lot more. Basically, any messaging service that allows you to send a quick reply via the notification you can use Can’t Talk with.
DirectChat is another useful application. It works just like Facebook Messenger’s chat bubbles but it supports a lot of different applications too. It feeds your chats into another window where you can then reply back as well. Its most popular usage was probably with WhatsApp.
What happens next?
The takedown of these applications for use of native Android APIs sets a dangerous precedent for future takedowns by large companies. If this continues, what’s stopping WhatsApp from demanding the takedown of any notification manager application, regardless of its specific use for WhatsApp. Independent app developers don’t have the resources to combat these claims so most just give in. We’ll be following the situation closely and will update you if we hear back from either Facebook/WhatsApp, the affected developers, or another party involved in this situation.