What we know about video conferencing with Whereby
David Huerta
Nov. 9, 2023
If you work remotely on the web, you’re probably getting comfortable with multiple video chat tools. At Freedom of the Press Foundation (FPF), we’ve published a high-level comparison of some common video chat applications, while many others maintain detailed comparison spreadsheets to help you compare dozens of tools. We also wanted to dive deeper into what we know about a few individual tools. This fact sheet will detail some security, privacy, usability, and anti-abuse properties of Whereby. In particular, we focus on properties that are critical to high-risk users, like journalists, and have developed a series of questions to help examine these properties.
In our fact sheets, we’ll be taking a closer look at several tools in common use at media organizations. We can’t possibly cover them all. But in addition to Whereby, we’ll examine…
Each of these platforms changes regularly, so check back to see our regular updates. And if you see anything wrong, let us know at freedom.press/contact.
Whereby was first known as Appear.in, a small Norway-based startup that was later bought by Videonor. Much like Jitsi Meet, Whereby is a completely browser-based video chat platform, so all you need is a link to open in a browser to join, without a separate app, or even a Whereby account, unless you’re the room’s owner.
Whereby’s business model is centered around subscriptions, with paid tiers subsidizing the cost of its free tier instead of relying on advertising or other commercial data collection. Its target customers are remote knowledge workers, with a blog featuring tips on working from home and distributed work in general.
No. Whereby uses a password-free login mechanism where a unique code is sent to your phone or email address. This is commonly seen as a second factor on top of a password, but without the password it’s just one factor.
Yes. Whereby uses standard transport layer security, or TLS, to secure traffic between your computer and its servers. For paid “large meeting modes,” video and audio use WebRTC but are encrypted and decrypted on Whereby’s servers, not peer-to-peer or end-to-end encrypted as WebRTC is typically designed to be.
In "small meeting mode" (two meeting participants), Whereby uses the WebRTC standard in a standard peer-to-peer architecture, which is end-to-end encrypted. As with other peer-to-peer systems, however, your IP address and, thus, potentially your approximate physical location, may be exposed to other parties in the chat. If location privacy is paramount, we recommend using a VPN, which can prevent WebRTC leaks, and an up-to-date browser to keep your location protected from others in a Whereby small meeting mode room.
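To make the IP exposure described above concrete, here is an added example (not code from Whereby or FPF): in a peer-to-peer WebRTC session, the addresses offered to the other party travel as ICE candidate lines in the session description, and this sketch labels which of them carry your own local or public IP. The function names and the sample candidate lines are assumptions constructed for illustration.

```javascript
// Added example. Sample candidates are constructed (RFC 5737 documentation addresses).
const SAMPLE_SDP = [
  'a=candidate:1 1 udp 2122260223 192.168.1.23 54321 typ host',
  'a=candidate:2 1 udp 2122194687 3f2a1c9e-6b7d-4e8f-9a0b-1c2d3e4f5a6b.local 54322 typ host',
  'a=candidate:3 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 192.168.1.23 rport 54321',
  'a=candidate:4 1 udp 41885439 198.51.100.20 60000 typ relay raddr 0.0.0.0 rport 9',
].join('\r\n');

// Private, loopback and link-local ranges (IPv4 and IPv6).
const LOCAL_RANGES = [/^10\./, /^192\.168\./, /^172\.(1[6-9]|2\d|3[01])\./, /^169\.254\./,
  /^127\./, /^::1$/, /^fe80:/i, /^f[cd][0-9a-f]{2}:/i];

// candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> [raddr <addr> rport <port>]
const CANDIDATE_RE =
  /^(?:a=)?candidate:\S+ \d+ \S+ \d+ (\S+) \d+ typ (\S+)(?: raddr (\S+) rport \d+)?/;

function parseCandidate(line) {
  const m = CANDIDATE_RE.exec(line.trim());
  return m ? { address: m[1], type: m[2], relatedAddress: m[3] || null } : null;
}

function kindOf(address, type) {
  if (type === 'relay') return 'relay-server';            // TURN server's address, not yours
  if (address.endsWith('.local')) return 'mdns-hidden';   // browser masked the local IP
  return LOCAL_RANGES.some((re) => re.test(address)) ? 'local-ip' : 'public-ip';
}

// List every address the other party would receive, with how it was learned.
function exposedAddresses(sdp) {
  const found = [];
  for (const line of sdp.split(/\r?\n/)) {
    const c = parseCandidate(line);
    if (!c) continue;
    found.push({ address: c.address, via: c.type, kind: kindOf(c.address, c.type) });
    // raddr repeats the base (srflx) or mapped (relay) address unless zeroed for privacy.
    if (c.relatedAddress && !['0.0.0.0', '::'].includes(c.relatedAddress)) {
      found.push({ address: c.relatedAddress, via: `${c.type} raddr`,
        kind: kindOf(c.relatedAddress, 'related') });
    }
  }
  return found;
}

// True when at least one candidate carries the sender's own local or public IP.
function revealsOwnAddress(sdp) {
  return exposedAddresses(sdp).some((a) => a.kind === 'local-ip' || a.kind === 'public-ip');
}

console.log(exposedAddresses(SAMPLE_SDP));
```

Candidate lines for a real call can be copied from the browser's WebRTC diagnostics page (chrome://webrtc-internals in Chrome, about:webrtc in Firefox). With a VPN active, the `srflx` address should be the VPN's exit address rather than the one your internet provider assigned.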
In a response to an email from FPF, a representative from Whereby’s PR team said a third-party penetration test of Whereby’s application code was conducted in September 2020, but that the company does not plan to publicly release the results of the test.
We could not find publicly available examples. We reached out to Whereby to learn more.
"We have not had any severe vulnerabilities or security issues that have been reported or we have identified [by security researchers]," it told us. Whereby did say it had previously paid a few bug bounties on a case-by-case basis, but the severity of the vulnerabilities discovered by bug bounty recipients was not disclosed.
It doesn't. There are also no documented endpoints in the Whereby API that account for contacts, suggesting it doesn’t provide this capability.
You need an account to create a room, but not to join one.
According to Whereby’s privacy policy, collected data varies between free and paid users, but may include standard web metadata such as device, browser versions, and IP addresses, which may be correlated with location. Other metadata includes user roles, analytics data (if you opt in), billing data for paid users, and email addresses. If you use Google to sign in, Whereby retrieves the email address you have associated with that Google account. Additionally, a near-complete collection of your Whereby account metadata may also be found in a raw form with a GDPR user data export.
Whereby has a subscription-based business model and claims not to sell user data.
According to Whereby’s privacy policy, data associated with your account is deleted immediately after you choose to delete your account, unless retained for regulatory compliance. Rooms are retained until you choose to delete them, and transaction information is stored for a minimum of five years and a maximum of ten years. Recorded video is stored in your web browser’s local storage, rather than on Whereby’s servers, and that data can be cleared in your browser’s cache settings.
No.
No.
According to Whereby’s chief product and technology officer, this has been handled on a case-by-case basis historically, but recently Whereby has let users know of law enforcement requests if they are affected, unless they’re anonymous users and Whereby has no way of contacting them.
The aforementioned metadata. Video is not recorded, and host-recorded video lives locally in-browser only. Location data, in the form of IP addresses, is kept for 90 days. Billing information is kept for a longer, unspecified period of time due to local laws, but billing information is not required for the free tier.
No. Whereby's top tier maxes out at 100 participants.
Yes.
Rooms are "locked" by default so that the room owner has to approve whoever joins. To approve guests, a guest “knocks” from a “waiting room.” The owner can then get their presented name and video feed to see if it’s one of their guests or someone they weren’t expecting.
100 participants.
Whereby has made some improvements so that its website is more screen-reader friendly.
Only a room host can record video/audio, and it's saved in-browser using the Whereby browser extension and not on Whereby’s servers. Chats are treated ephemerally and deleted server-side and client-side after a session ends. Chats are not included in video recordings.
Yes, but only if they’re a room owner.
Yes, but only if they’re a room owner.
Now that you’ve read all about the platform, you can evaluate whether it’s right for your situation. If you want to check out another platform, consider looking at our short guide for a high-level comparison, or this videoconferencing guide for many more details. And, as always, contact our training team if you need more assistance.