Introduction On 4 January 2021, WhatsApp announced its new privacy policy in India. In this policy, WhatsApp will share data with Facebook by taking permission of users and the messages of their business accounts. This new policy has caused privacy concerns for the people who are using the application. This step is taken only in India as India does not have a robust data protection regime. Privacy experts and antitrust bodies raised an alarm at this as India is more vulnerable to it. Though most users on digital platforms agree to policies without reading them.
What is updated in the privacy policy
WhatsApp introduced its updated privacy policy on 4th January 2021 and notified the users with the only option to accept it. Users were provided deadlines in order to continue using the app. The updated policy made it clear that WhatsApp will collect:
> Profile pictures > Profile Names > IP address > Device information > Location-related information > Usage information > Phone number stored in the address book > Transaction and payment data > User phone number > Status information WhatsApp will share this information with third parties and Facebook companies.
Issues related to new WhatsApp policy
> WhatsApp will collect data and share it with Facebook-owned companies and with third parties as well.
> It will collect IP addresses and location information. The data is used for ad purposes.
> By transferring personal data out of jurisdiction, it will violate the principle of data localization. > Usage of information beyond the purpose will violate the principle of purpose limitation without consent is taken at the time of collection.
> The jurisdiction for any dispute is resolved in the district court of California.
> And if users will disagree with the updated policy then they have to leave it (take it or leave it)
Government of India highlights KS Puttaswamy judgment and wrote to WhatsApp head about it:
> To withdraw the latest privacy policy and term sent to users through messages > To respect information privacy and data security of Indian users > Make more clear about data- sharing protocol > To know what are the exact categories of data to be collected from Indian users
> About permission and user consent and utility of each of these concerning the functioning and specific service provided
> To provide the difference between its privacy policy in India with other countries > If WhatsApp conduct profiling of Indians over the usage of the application
> Details about data security, cyber security, information security, privacy, and encrypted policy
The government of India was also called for submission in the petition filed in Delhi High court against their new privacy policy. The Ministry of electronics and information technology for submission to court about types of sensitive personal data being collected, and no option for review and withdrawal consent. By sharing information with Facebook or third parties
leads to violation of Rule 6(4) of the information technology act,2002 which prohibits the disclosure of data received by the third party from body corporate.
Petition and CCI probe in this matter
The three petitions filed in Delhi High court against the WhatsApp new privacy policy and the party include Government of India, WhatsApp, and its parent Facebook was called to submit the written reply and rejoinder on the matter for the next hearing adjourned in later August, and the decision was also awaited. Confederation of all Indian traders also approached the supreme court. However, the plea is pending before the supreme court as well as the high court and most importantly apex court stated: “thatyou may have USD 2 to 3 trillion company but people’s privacy is more valuable for them and we have to protect their privacy ” to WhatsApp. Other hand competition commission of Indi a (CCI) took Suo Moto cognizance and launched an investigation on the controversial privacy policy of WhatsApp. The investigators conclude that the policy prima facie is valid in section 4 of the competition act, 2002. They order to observe that policy enables WhatsApp to share the data with Facebook and third parties. This privacy policy is mandatory and consensual and imposes a” take it or leave it” condition on users. CCI endeavors to explore anti-trust thread in privacy regime put it on tier -1 of global antitrust agency to explore. This order was challenged by WhatsApp in the court and the latest judgment was also made by the Delhi High court by giving time to WhatsApp till March for the response over notice issued to them by the antitrust regulator. CCI ascending order that the data sharing policy is explorative and could have easily affected which potential to undermines the competitive process and create for the barriers to the market.
• Expedition of Data Protection Law-
India's data protection law has been weakening for two years now. If India has the data protection law then WhatsApp will not able to go ahead with the update. So we should finalize our data protection law.
• Public awareness- According to many exports WhatsApp users in India will not care about the privacy policy but we should make them aware and the government and civil society must engage in awareness programs to make public about the importance of digital privacy.
Conclusion
Lastly, we can conclude that WhatsApp has provided its separate policy for India only not in European countries, California or Brazilian due to the existence of a data protection law in their countries. As India does not have a data protection law so the privacy is inferred and the right to privacy is meaningless in absence of Data protection law. The privacy of billions is a too important thing to people left behind just to practice enterprise. It will be reassuring if strong law guarantees it.
• https://www.theleaflet.in/whatsapp-privacv-controversv-and-indias-data-protection- bill/
• https://www.livelaw.in/tags/whatsapp-privacv-policv
• https://www.drishtiias.com/dailv-updates/dailv-news-editorials/new-whatsapp-policv- privacy