India Gives WhatsApp 7 Days to Roll Back New Privacy Policy

India’s Ministry of Electronics and Information Technology (MeitY) on Wednesday has directed Facebook-owned messaging platform WhatsApp to take back its contentious new privacy policy, according to government sources quoted by ANI.

According to MeitY, deferral of the privacy policy beyond May 15, 2021, does not absolve WhatsApp from respecting the values of informational privacy, data security and user choice for Indian users, sources told ANI. MeitY has reportedly given WhatsApp seven days to reply to its notice. If WhatsApp’s response isn’t deemed satisfactory, the Indian government may take legal action against the Facebook-owned company.

The sources have maintained that WhatsApp meting out discriminatory treatment to Indian users compared to those in Europe is unacceptable. They have also claimed that with its new privacy policy, WhatsApp is misusing its dominant position as a messaging platform in the Indian market. India is WhatsApp’s largest market with 400 Mn users as of January this year.

Many Indian users depend on WhatsApp for communicating and it’s irresponsible for WhatsApp to leverage its position in the Indian market to impose unfair terms and conditions, MeitY is reported to have said.

WhatsApp’s new privacy policy, which allows the company to collect sensitive data from users’ chats with WhatsApp business accounts, was supposed to roll out on May 15. The company had initially maintained that users who don’t accept the privacy policy update will lose access to their WhatsApp account, leading to an uproar on social media. WhatsApp has since clarified in courts that no user accounts will be deleted. However, the platform will continue sending reminders to its users for accepting the privacy policy update.

The Indian government has maintained that WhatsApp’s privacy policy goes against India’s IT rules. An earlier petition in the Delhi High Court had sought directions to the Centre to force WhatsApp to either roll back its new policy update or provide users with an opt-out option.

In its counter-affidavit to the lawsuit ‘Dr Seema Singh v. Union Of India’, the Indian government had in March claimed that pending the passing of the Personal Data Protection Bill, 2019, the Information Technology Act, 2000, and the rules made under it, constituted the data protection regime in the country, which WhatsApp would be violating with its new policy.

The Centre had explained various counts of violation of the IT Rules, 2011, by WhatsApp. It said WhatsApp’s new privacy policy didn’t specify the types of sensitive personal data being collected and used very generic terms to describe the kind of data collected. The Centre had argued that the policy contained no distinction between personal data and sensitive personal data which will be collected from users.

WhatsApp’s new policy reads that content shared with business accounts “would be visible to several people in the business” and may be used by Facebook and its group companies for targeted advertising.

The policy says that some “businesses might be working with third-party service providers (which may include Facebook) to help manage their communications with their customers”. The company will, or has been, sharing the following types of user data with Facebook’s group companies: account registration information (phone number), transaction data (WhatsApp now has payments in India), service-related information, information on how you interact with others (including businesses), mobile device information, and IP address.

The Centre, in its reply to the Delhi HC, had added that while WhatsApp’s privacy policy talked about keeping users informed about the purposes for which their “information” may be collected, it didn’t explain what this “information” would entail. The Centre added that while the policy stated that third-party service providers may have access to user data, the names of these third-party service providers or their contact details weren’t disclosed.

During court proceedings, WhatsApp has claimed that Indian tech companies such as Zomato, Ola and Swiggy have similar provisions in their privacy policies. The messaging platform has claimed that if its 2021 privacy policy update is blocked by the court, it would undermine users’ freedom of transacting with a private party, also disrupting the services of other tech companies in India which are engaged in online grocery, telemedicine and food delivery. Several Indian tech startups have business accounts on WhatsApp to communicate with their customers.

Related posts

Leave a Comment