SUMMARY
WhatsApp has told the Indian government that it will not limit the functionality for users not agreeing to its new privacy policy but will continue to remind users about the update
On May 19, several media reports had claimed that Meity had given WhatsApp seven days to reply to a notice
The ministry also reiterated Competition Commission of India’s (CCI) claim that WhatsApp is misusing its dominant position in the Indian market
WhatsApp has partially agreed to India’s ministry of electronics and information technology (Meity) diktat to roll back its latest privacy policy update, which will share users’ meta data with companies including Facebook.
According to a report by news agency PTI, the messaging platform has told the government that it will not limit the functionality for users not agreeing to its new privacy policy but will continue to remind users about the update, and maintain status quo until the personal data protection law kicks in.
On May 19, several media reports had claimed that Meity had given WhatsApp seven days to reply to its notice asking WhatsApp to roll back its latest privacy policy update. The ministry also reportedly threatened to take legal action against the company if its response isn’t deemed satisfactory.
The ministry also reiterated Competition Commission of India’s (CCI) claim that WhatsApp is misusing its dominant position in the Indian market. CCI too is probing the latest policy, which WhatsApp believes to be just a “headline-grabbing endeavour”.
Back in April, Meity had also filed an affidavit in the Delhi High Court highlighting that WhatsApp policy violated Information Technology Rules of 2011 on five counts. The affidavit noted that the privacy policy fails to specify the types of sensitive user data being collected, fails to notify users of such collection, does not let them review or amend the information, withdraw consent later, or provide a guarantee against non-disclosure to third parties.
Under the new policy, WhatsApp will share metadata of conversations — transaction data, mobile device information, IP addresses, and other non-personally identifiable information — on how users interact with businesses. This move is tied to WhatsApp’s bigger ecommerce play as well as its super app ambition. Notably, WhatsApp has always shared data with Facebook since the latter acquired it in 2014, but until recently users had the option to opt out of it.
Many Indian users depend on WhatsApp for communicating and it’s irresponsible for WhatsApp to leverage its position in the Indian market to impose unfair terms and conditions, MeitY is reported to have said.
WhatsApp had introduced the policy on January 6, and it was supposed to come into play from February 8, 2021. However, the company decided to delay it till May 15, 2021, after massive backlash from users. Earlier this week, the company informed the Delhi high court that it has rolled out the policy as decided, but will not be deleting the accounts of users who haven’t accepted it for now. The company maintained that it was conforming to Indian IT laws and rules.
However, the central government informed the high court that the policy is in violation of the country’s IT laws, and it has written to Facebook CEO Mark Zuckerberg highlighting the same. The central government is currently awaiting a reply from Zuckerberg, Additional Solicitor General Chetan Sharma, appearing on behalf of the central government, said.
Recently, in response to a petition filed against WhatsApp’s privacy policy update in the Delhi High Court, WhatsApp submitted an affidavit highlighting that other tech companies and apps have similar policies and collect more data in many instances. In the affidavit, the company had cited privacy policies of internet companies — Zomato, Ola, Koo, BigBasket, Truecaller as well as government’s contact tracing app Aarogya Setu, and US tech majors Microsoft, Google, Zoom as examples to make its point.
India is still not close to a data protection law as the Personal Data Protection Bill is still to be tabled. With no law to mandate data leak disclosures and regulate the resolution of such incidents, companies get leeway to keep pulling the wool over the eyes of consumers.
