Government On WhatsApp Privacy Policy

In News

Government again warns WhatsApp to scrap the 2021 privacy policy.

About

  • The Indian government has for a second time asked messaging service provider WhatsApp to roll back an update of its terms of use, while Whatsapp had deferred the May 15 implementation of its terms.
  • The changes in its terms of use and the way they were implemented undermine the sacrosanct values of informational privacy, data security and user choice for Indian users and harms the rights and interests of Indian citizens.

(Image courtesy: https://lawyersgyan.com )

User Privacy Policy of Whatsapp

  • WhatsApp announced its controversial privacy and usage policy in early 2021. Initially, it was set to be enforced from February 15, later shifted to May 15.
  • Facebook and WhatsApp explained that the new privacy policy was necessary because WhatsApp had to share some info with Facebook to implement the e-commerce features in the app. 
  • The company claimed that it was all for the benefit of users. It was also necessary for the app to make the business accounts function better
  • WhatsApp has reiterated that its messaging app is end-to-end encrypted and that it doesn’t have access to your private chats or location. 
  • The company doesn’t share private messages or other data with Facebook. But, the new update will enable WhatsApp to use some of the “business conversations” hosted with the social network for advertising.

Issue and Challenges

  • Sharing User Data: Whatsapp processes user data and partners with Facebook to offer integrations across the social media giant’s products. This new policy will use the information for commercial exploitation.
  • Against Government Policy: The policy is not in tune with the IT (Intermediary Guidelines) Rules, 2011. The rules require a body corporate who collects, stores or otherwise deals with data to issue a privacy policy providing for certain safeguards, in addition to imposing various other obligations.
  • No protection for Users: Indian users are more vulnerable to Whatsapp’s new Policy due to the absence of any data protection law.
  • Conflicting provisions: Policy is against the recommendations of Justice B N Srikrishna Committee – The principle of Data Localisation, which aims to put curbs on the transfer of personal data outside the country, may come in conflict with WhatsApp’s new privacy policy.
  • Unnecessary Haste: Why is whatsapp in a hurry to implement it before India has a privacy law of its own.

Government of India’s Stand

  • In fulfilment of its sovereign responsibility to protect the rights and interests of Indian citizens, the government will consider various options available to it under the Law.
  • GoI had taken a strong position on the matter, and made it clear that it is not just problematic but also “irresponsible” for the messaging platform to leverage its position to impose “unfair” terms and conditions on Indian users, when many depend on WhatsApp to communicate in everyday life.
  • WhatsApp’s ‘discriminatory treatment’ to Indian users vis-a-vis users of Europe is unacceptable.

Way Forward

  • A legislation should be formulated which safeguards the rights provided to the Citizens under Article 21 of the Constitution-
    • which includes comprehensive surveillance reform prohibiting mass surveillance and 
    • institution of a judicial oversight mechanism for targeted surveillance.
  • Had this law been in place, this Policy by Whatsapp could not have been implemented.
  • Implement the recommendations of Justice B N Srikrishna Committee Report.
    • restrictions on processing and collection of data, 
    • Data Protection Authority should be established, 
    • right to be forgotten, 
    • data localisation, 
    • explicit consent requirements for sensitive personal data.
  • The government and civil society must engage in awareness programs to make the public aware of the importance of digital privacy. As most of the users of Whatsapp are not that digitally literate to understand the loss they will be suffering.

 

(Image Courtesy: https://dashamlav.com )

Justice K S Puttaswamy (Retd) vs Union of India Case

  • In 2017, a nine judge bench held that Indians have a constitutionally protected fundamental right to privacy.
  • It is intrinsic to Article 21 of the Constitution
  • The SC held that privacy is a natural right that inheres in all natural persons, and that right may be restricted only by state action that passes each of three tests:
  1. Legislative mandate to the action;
  2. Must be pursuing a legitimate state purpose;
  3. It must be proportionate i.e., the action, both in nature and extent, must be necessary in a democratic society and the action ought to be the least intrusive of the available alternatives to meet the ends. 

Personal Data Protection Bill, 2019

  • Introduced in Lok Sabha in Dec 2019 (not passed).
  • It seeks to provide for protection of personal data of individuals.
  • Establish a Data Protection Authority for the same.
  • The central government can exempt any of its agencies from the provisions of the Act: 
    • in interest of security of state, public order, sovereignty and integrity of India and friendly relations with foreign states, and 
    • for preventing incitement to commission of any cognisable offence (i.e. arrest without warrant) relating to the above matters. 
    • Processing of personal data is also exempted from provisions of the Bill for certain other purposes such as: 
      • prevention, investigation, or prosecution of any offence, or personal, domestic, or journalistic purposes.  
      • However, such processing must be for a specific, clear and lawful purpose, with certain security safeguards.

Source: IE