News Based on facts, either observed and verified directly by the reporter, or reported and verified from knowledgeable sources.
When Data Privacy Becomes a Subject of Faith
In late 2020, as the coronavirus ravaged London鈥檚 minority communities, Ibrahim Javed was losing sleep over data. He鈥檇 developed an app, Salah Space, to allow worshippers to book time slots for prayer at mosques, which had limited capacity during the pandemic. But for his app to work, it needed to collect data from British Muslims.
Over the past year, Javed has been thinking more about his role in what he describes as 鈥減reserving the sanctity of Muslim data.鈥 He鈥檚 part of a new generation of Muslims in the technology industry who view their users鈥 data and privacy as an amanah, or trust, that they have a sacred duty to uphold. And increasingly, amid a broader cultural shift around digital privacy, Muslim users are pushing app developers like him to maintain that trust.
鈥淭his is what scared me,鈥 said Javed, who also is the founder of the faith-based tech-for-social-good nonprofit Deen Developers. 鈥淲e鈥檙e building something for the community鈥攈ow do we ensure that no one has access to this data? Because it鈥檚 valuable and potentially can be used to hurt our communities. How do you build a solution in the safest way possible without infringing on anyone鈥檚 rights?鈥
Many Muslim software developers are concerned with the possibility of troves of Muslims鈥 personal data being exposed in a data breach, whether it is a general leak of user data, or part of a targeted hack or harassment campaign by anti-Muslim groups. They are also wary of taking part in the .
We as Muslims have just felt the consequences of privacy violations sooner than everyone else.
For Muslims, the matter of digital privacy is also deeply interwoven with fears of government surveillance and Islamophobia. Invasive post-9/11 counter-extremism and intelligence programs, such as the and , weigh heavy on many young Muslims鈥 minds, as do new revelations about how . Such realities inform the choices of many Muslims building, or simply using, technology.
In November 2020, a few months before Salah Space launched, Vice News published an investigation revealing that the popular Islamic prayer timing app Muslim Pro and dating app Muslim Mingle were among . That data, the report alleged, was eventually bought by U.S. defense contractors before landing in the hands of the U.S. military. Muslim Pro dismissed the report as 鈥渋ncorrect and untrue鈥 and said it was cutting all ties with the data broker.
Regardless, the expose led to mass deletion of the app鈥攁nd a shift in many Muslims鈥 vigilance about digital privacy.
鈥淭he Muslim community knows that they鈥檙e under heightened surveillance, since 9/11 and even prior to that,鈥 said Electronic Frontier Foundation attorney Saira Hussain. 鈥淪o when people found out their data from Muslim Pro was being vacuumed up by a third party they didn鈥檛 even know existed, for example, many people saw a clear invasion of privacy. And many people said, 鈥極h, I expected this.鈥欌
The news sent shockwaves throughout Muslim communities around the world. 鈥淭his is wild and unacceptable,鈥 Texas imam . 鈥淣o Muslim app should be selling data, especially not like this.鈥 The Islamic Leadership Council of New York warned members of its 90 organizations to delete the apps. over the apps鈥 鈥渂etrayal鈥 of Muslims and advised finding alternative ways of finding prayer times, from printing out timetables to using old-school alarm clocks that play the Arabic call the prayer.
鈥淲e as Muslims have just felt the consequences of privacy violations sooner than everyone else,鈥 said Abdul-Rahman Abbas, who co-founded a privacy-focused prayer app called to fill the gap for Muslims like him who had deleted Muslim Pro. 鈥淎s a result, we鈥檝e all become quite paranoid. And rightly so, to be honest with you.鈥
We have a trust between us and the community.
The Pillars app was born out of a conversation in one of those group chats, where local Muslim students were seeking alternatives to Muslim Pro. But truly secure apps were difficult for non-experts to find and verify: One cybersecurity analyst鈥檚 examination of privacy policies for 50 Islamic prayer apps found that such as advertisers.
Pillars was launched in April as a result of an ongoing process of gathering feedback from Muslims on social media. The simple, ad-free app has since received over 1,000 daily downloads on average.
鈥淲e have a trust between us and the community,鈥 said Pillars co-founder Tariq Imaad Jamal, a computer science student at University College London. 鈥淎nything we do in which we deal with the community, we have to maintain that trust and make sure we鈥檙e doing the right thing.鈥
The app does not collect any user data. All information, from a user鈥檚 location (needed to provide orientation toward Mecca) to prayer times (which vary by location, time of year, and among different schools of Islamic thought), is stored locally on the user鈥檚 phone.
鈥淲e can鈥檛 touch it,鈥 Jamal said. 鈥淲henever there鈥檚 a feature that we鈥檙e considering implementing down the line, our first question is, can we maintain the security of our users鈥 data?鈥
Deliberately, the creators are making their identities known and themselves easily accessible for feedback鈥攁nd also as a matter of public accountability, should they violate their users鈥 amanah.
Data privacy consultant Jamal Ahmed, who launched to promote better privacy practices among Islamic charities, says . While the European Union鈥檚 General Data Protection Regulation laws only 鈥済ave Europeans data privacy in 2016, our prophet established data privacy as a basic right over 1,400 years ago,鈥 he quipped.
Several groups that offer their cybersecurity and digital hygiene training say they are seeing heightened interest from Muslim activists and Islamic institutions.
Ahmed points to several prophetic traditions and Quranic injunctions requiring Muslims to cover their awrah, or intimate and private parts, and which warn against exposing their own or other believers鈥 weaknesses. The Prophet Muhammad also forbade trespassing and peering into others鈥 homes, even saying that if a homeowner threw a stone that killed a peeping tom, it would not be a sin.
鈥淭hese tech companies are collecting much more invasive and intimate information about people鈥檚 thoughts, preferences, and behavior than they could ever learn by peering into your house,鈥 Ahmed said. Just as with the metadata collected by apps like WhatsApp, which many users deleted after a , Ahmed said 鈥渢hey don’t actually need to know the contents of your messages to understand a lot more about you than you probably know about yourself.鈥
After the Muslim Pro news emerged, the American Civil Liberties Union filed a public records request about the . The ACLU called it 鈥測et another betrayal of trust鈥 and a violation of the religious freedom of U.S. Muslims. The into the 鈥済overnment鈥檚 use of personal data to target the Muslim community here and abroad.鈥 Led by a group of officials including Muslim Representatives Rashida Tlaib and Ilhan Omar, 18 members of Congress signed a letter to the Secretary of Defense and Director of National Intelligence and questioning whether they were part of 鈥渟ystematic, warrantless surveillance of the Muslim-American community contrary to the privacy protections guaranteed in the U.S. Constitution.鈥
For the creators of Salah Space, finding privacy solutions that satisfied both the needs of the developers and the users required collaborating with Muslim lawyers, Islamic scholars, mosque board members, programmers, and members of the wider Muslim community. They decided to allow anonymous prayer time bookings, set all data to be deleted after two weeks, and encrypt all collected data, only releasing what is necessary for specific and verified government contact tracing to control the spread of COVID-19.
鈥淲e鈥檝e got 180,000 bookings on the platform, and there have been no COVID outbreaks at any mosques using our platform, so I feel all right about the good we were able to do,鈥 Javed said.
For some critics, such precautions are still insufficient. Ahmed, the data privacy expert, argued that any possibility of a data breach or government request to hand over data on an already-targeted community is too risky. Among users of Pillars, too, some are urging the developers to make the app fully open-source, allowing its source code to be audited and freely used by anyone.
Several groups that offer their cybersecurity and digital hygiene training鈥攕uch as Ahmed鈥檚 organization, Kazient, and the South Asian tech organization Equality Labs鈥攕ay they are seeing heightened interest from Muslim activists and Islamic institutions in the wake of Vice鈥檚 expos茅, as well as an increase in doxxing campaigns and other digital attacks against Muslim organizers.
Sharmin Hossain, Equality Labs鈥 political director, says her whole family had used Muslim Pro. Now, her main concern is increasing digital security literacy so that privacy-focused tools, like messaging app Signal and the Tor browser, become 鈥渟omething that your average uncle who works at a bodega can access.鈥
鈥淚t鈥檚 a ripple effect,鈥 she said. 鈥淚 might not be able to say that a certain big mosque in Dallas is following digital security best practices. But people within that congregation have some level of knowledge about the risks of data mining and doxxing and social media surveillance, and how to mitigate them.鈥
Aysha Khan
is a Boston-based journalist covering religion and culture. She has worked as a reporter covering U.S. Muslims for Religion News Service and held fellowships with The GroundTruth Project, the Maynard Institute for Journalism Education, the Journalism and Women Symposium and more. She is a member of RNA, SAJA, and JAWS. Aysha is based in Boston, MA, and speaks English and Urdu. She can be reached at http://aysha.us/
|