Commentaries

WhatsApp's New Privacy Policy: How Safe Are We Online?

AYUSHI NAYAK
February 03, 2021

Following WhatsApp's newer data policy, concerns arose over the fate of millions of users' data that the social media giant would be collecting. This app has tons of benefits for users on its plate, but what's scaring people more is the association of its parent company Facebook, which has been embroiled in myriads of scandals involving user data. Over the years, post numerous scandals, the Cambridge Analytica to name a few and a handful of documentaries in Netflix (The Social Dilemma being the latest) Facebook has garnered enough notoriety for itself to be known as a company that sells user data.

It is not the first time that Mark Zuckerberg's company is being scrutinized or reprimanded for its sketchy policies regarding user data. Time and again, it has been seen that Facebook Inc. has leveraged its monopoly in the market to make users abide by its spurious policies with data sharing over its app. WhatsApp's policies as doctored by its parent company (Facebook Inc) to reflect the possibility of commercial transactions involving the mingling amongst Facebook Apps is alienating users worldwide. Its new terms of privacy policy make it a compulsion for the user to press the, "I agree" button before the stipulated date or else they shall be barred from using the app.  As the option to opt-out remains absent, It gains the user's consent against their wish to harvest their datafrom WhatsApp and share it with the parent Facebook social networking service company. By making users agree to these policies, WhatsApp holds the following user information: Hardware model, Operating system, Battery life, Signal strength and network operator, Time Zone, IP address, Profile Picture, Name, Status and About.

To understand how WhatsApp or Facebook would utilize this data collected, it is imperative to understand the business model, which primarily requires sharing personal details of users to third-party advertisers and firms for ‘personalized ads or services’. It also means that the sly algorithm genie of Facebook would now stealthily use this information collected over WhatsApp to curate and modify your feed to manipulate your choices, opinions, beliefs and keep you invested in the platform. WhatsApp agreed to increase its deadline in a dire need to produce a robust response to the intense backlash they faced. The user has to approve the terms and conditions before May 2021. Several influential personalities, including Elon Musk (Tesla fame), condemned it and recommended people to switch to alternative platforms like 'Signal' messaging app. This policy also alienated a vast majority of people. It stands against the promise that Facebook made regarding collection of "as little as data" possible from its users back in 2014 when it acquired WhatsApp. 

Despite the "end to end encryption" feature of WhatsApp, the users' specific data now stands vulnerable.  What is to be noted is that this safety feature of WhatsApp is not available for business accounts, which means that while engaging with such accounts, data shared through text messages stands open to an infinite number of people. What's worse is that if the concerned business organization or the business account gets hacked, the details shared have no immunity against such attacks which might include the customer's bank details, bills, certificates or insurance. It doesn't eliminate the risk of another possible scandal like that of Cambridge Analytica. It might also prompt one to think about what roles Governments play. Do they become beneficiaries of these policies, or do they protect the citizens against these? India's cybersecurity expert Jiten Jain noted that the government worldwide are the sole custodian of their citizens' rights which can intervene and stop the policy from being put into place.

It also creates a need for stringent data protection laws in our country, making one question how safe are we online? In a letter to WhatsApp CEO Will Cathcart, India’s Ministry of Electronics and Information Technology had said the proposed changes to the WhatsApp Terms of Service and Privacy Policy, "raise grave concerns regarding the implications for the choice and autonomy of Indian citizens." India is a country with over 500 million internet users, a factor in itself which calls for a greater coherent legislative framework to govern data usage and safeguard privacy. Although the Personal Data Protection Bill was formulated in 2019, the bill is yet to receive a Parliament nod. The bill should legislate to cover emerging concerns as well. The GDPR in this regard serves as an excellent template. Adopting strategies similar to the GDPR would not only safeguard user privacy but also facilitate the Indian tech.

It is to be noted that WhatsApp's privacy policy remains unchanged for the European Union because of their strict GDPR (General Data Protection Regulation), which makes data collected against user consent illegal. It requires companies to be upfront about the reasons why they collect data. Breach of such a policy might cause a fine of 4% of the company's annual turnover. The GDPR  gives people a precedented control over what information companies hold of them and requires assurance from the company's behalf that the data is being kept safe. It also empowers people with the right to be forgotten as they might ask the company to erase or delete information, they store of them any time they please. But most notably in the view of the current scenario, the GDPR  makes companies prove that they have the user' consent to store data instead of the compulsion imposed by WhatsApp.

Organizations outside Europe that store EU citizens' data have to sign up for this rule, including Facebook Inc., to comply with these policies. In simple words, people in the EU have a choice to deflect WhatsApp's current data sharing policy. This sheds light on WhatsApp's problematic double standards, wherein it exercises different policies for Europe and India.

References

  1. Full Text: WhatsApp Privacy Policy, January 04, 2021,  https://www.whatsapp.com/legal/updates/privacy-policy/?lang=en
  2. "GDPR explained: How the new data protection act could change your life", Channel-4 News, May 23, 2018, https://www.youtube.com/watch?v=acijNEErf-c&feature=youtu.be
  3. "The Data Privacy Debate: Apar Gupta &Jiten Jain On new WhatsApp Privacy Policy", India Today TV, January 14, 2021, www.youtube.com/watch?v=se8Vv7dkh4E&feature=youtu.be
  4. "WhatsApp officials appear before House panel over privacy policy change", Indian Express, January 22, 2021, https://indianexpress.com/article/cities/delhi/whatsapp-officials-appea…
  5. "WhatsApp privacy policy update delayed: Everything that has happened so far", Indian Express, January 16, 2021, https://indianexpress.com/article/technology/social/whatsapp-privacy-policy-update-delayed-your-account-wont-be-deleted-7148553/
  6. “Working on addressing misinformation on user policy update, available to answer any question: WhatsApp”, PTI/ The Hindu, January 20,  2021, https://www.thehindu.com/sci-tech/technology/working-on-addressing-misi…
Author Note
Ayushi Nayak, Mass Communication and Journalism Graduate, St. Xavier's University, Kolkata.
Tags
WhatsApp, Facebook, Privacy