Privacy by Design

In the final months of 2025 and early 2026, two independent studies highlighted significant vulnerabilities in WhatsApp’s metadata management. The University of Vienna and SBA Research demonstrated the ability to enumerate 3.5 billion accounts through the contact discovery mechanism, while Tal Be’ery (Zengo) showed how cryptographic key IDs allow inference of operating system, device type, and approximate session age. Meta has begun implementing fixes, but the privacy implications remain significant. This article analyzes the nature of metadata, WhatsApp-specific risks, and presents open source alternatives based on federated protocols such as XMPP and Matrix.

Guide to Legal Prompting techniques for legal professionals: from the anatomy of an effective prompt to advanced techniques (Chain-of-Thought, RAG), with a focus on GDPR compliance, hallucination risks, open source vs. cloud models, and best practices for law firms. Includes in-depth analysis of the limitations of RAG (Stanford Study 2025) and operational guidelines for the safe use of LLMs in the legal field.

The “Privacy by Design” principle has been known for years and was the subject of the resolution adopted by the 32nd International Conference of Data Protection and Privacy Commissioners in 2010. The GDPR in Article 25 regulates the principle “Data protection by design and by default” perhaps better known as “Data protection by design and by default”. A premise is necessary. Confidentiality, “privacy”, in Europe is a fundamental right pursuant to Article 7 (Respect for private and family life) of the Charter of Fundamental Rights of the European Union which states: ...