Hi all,
I’ve been asked to move comms amongst staff for cadet activities across to Signal or Teams from whatsapp as ‘it is not an approved platform’. However, couldn’t see anything detailed in ACP50 about whatsapp being a prohibited platform. If someone could point me in the direction of any MOD/RAFAC/RAF policy that says we should be moving off whatsapp, I would be very greatful!
There’s nothing official I’ve seen sent out.
I have however seen a leaflet about (MOD one) that also has WhatsApp approved for non secret use.
As far as I am aware, the reason WhatsApp isn’t approved is that it wouldn’t share its encryption details with MoD / Gov, so there was no way of knowing exactly how secure it was as a message app. Siganl tends to be the MoD platform of choice as they shared their secure encryption architecture so it could be vetted.
For normal staff chat, you can use what ever you like really. But for anything containing OS material, it must be Bader.
So staff group chats on WhatsApp are fine. Sharing loads of personal info on them is not. That should be email or Teams.
Totally understand it from a technical standpoint, as I come from a technical background looking at encryption and things like the Signal protocol (which Whatsapp also shares), but I was looking to see if there is anything in Policy about this, or even where it is? If you can link me to a policy or statement from the MoD/RAF/RAFAC about it being an approved platform of choice, that is what I’m after at the very least 
I think from my point of view, if you’re not discussing anything personal/OS, then it doesn’t need to be approved. You’re just chatting! Most staff chats are fairly off topic anyway in my experience 
But the SyOps policy and data management policy does dictate the use of Bader systems for anything OS and up, and any official comms.
MOD policy is that WhatsApp can only be used for social / welfare purposes, with nothing in the chats that could be used to identify any connection to the Service. There’s also advice not to use an identifiable name or profile picture.
Signal is approved to discuss work, but only at OFFICIAL: nothing sensitive.
Totally agreed with you there, and from a personal standpoint think its pretty common sense, But from an advisory aspect, looking for some written statement or policy I can refer to or refer others to to back my point. If you can find that MOD Policy stating use for only social/welfare purposes, that would be helpful.
And I agree, while we should be using bader platforms for things OSP, I’m seeing regional camps use Signal as a platform as they believe that OS subjects can be discussed on there (like movement of weapons etc - but not whatsapp apparently?) which makes zero sense to myself as I can’t see anywhere the MOD have approved Signal to be used for OFFICIAL SENSITIVE matters for example movement of goods - cause believe it or not alot of staff will tend to use whatsapp to discuss things like that for ease on shooting weekends etc)
I think you’ll struggle to find specific up to date policy on this.
The closest I can think of was the ban on TikTok usage. And the ban on connecting phones to certain cars.
So without anything else, you could argue we run a black-list policy rather the a white-list one.
The closest you’ll find will be the SyOps policy document I think.
I know I said ‘policy’, but I’ve never actually seen it in a policy document: only being cascaded by the CoC in Teams posts and Signal groups.
Only mention I can see re: WhatsApp is section 6.33 in ACP 050 if that helps - so seems to be an authorised platform. Would agree that as long as this isn’t used for OS messaging, you should be fine to utilise it.
I personally prefer to use Teams, and set up a group chat for each event I run.
That said I’ll engage with people on whatever medium is needed to get a response - Messenger / Email / WhatsApp
It’s not like we’re the US Def Dep organising strikes on Signal 