- May 29, 2021
- Posted by: Maestro Legal
Whatsapp’s recently updated privacy policies have raised concerns all over the country. The announcement was made through an in-app notification on January 4, 2021. This led to huge number of users switching to other messaging platforms. They were asked to accept the new policies otherwise they will lose the access to the accounts. The recent advent of updated privacy policies of Whatsapp has highlighted the lacunas that our Indian data protection laws have.
Rising Privacy Concerns over Whatsapp
As per the notifications released by Whatsapp in January, it would deprive users of their choice to share data or other information with other apps, including those owned by Facebook accompanied by a condition that if users do not accept the updated terms they will have to stop using Whatsapp from February 08, 2021. However, the new policies were going to be implemented on 15th May, 2021.
India’s reaction on the new policy
Why this triggers a problem?
If we take a look over the whole scenario, then we realise that this issue could be avoided if India had rigorous laws for the data protection. The unavailability of the strict laws has led to the violation of right to privacy of the people.
An important point that one should look for is the commitment that was made by Whatsapp when it was launched in 2009 which read – – “to not sell user data or personal information to any third party”. The statement made by them was changed in 2014 when Facebook took control over Whatsapp and when it started sharing its data with the parent company Facebook in 2017. No doubt in 2017 the users were given a choice to stop sharing their data but this time Whatsapp has made a pre-requisite to agree on the updated privacy policies to continue the use of App.
The data now shared on this platform would be used for monetary gains. This also indicates that the aim for which WhatsApp would be using personal data and information is not even remotely connected to the purpose for which users had shared that information on the app.
Its lack of effectiveness to provide remedies or relief in such situations are in contrast with the legal frameworks that are in place in other jurisdictions, most particularly the European countries. These countries are furnished with the laws that can impose fines on Facebook for sharing and using information unnecessarily through WhatsApp. This clause took effect when the Competition Commission of certain European countries forced this condition on Facebook during its acquisition and purchase of WhatsApp.
A way forward
It has been proposed that until a rigorous and concrete law comes into force with respect to Data Protection complications, the Court should restrain itself from executing the new policy put forth by Whatsapp. Supreme Court has also directed Whatsapp and its parent company, Facebook, to submit their replies on the petitions and emerging issues on this mass privacy violation.
The PDP Bill needs to be modified in certain ways to ensure that in future these arbitrary clauses in such online policies do not deprive the users of the rightful protection they are entitled to under the Right to Privacy. One of the important inclusions that the PDP Bill must have is a clause or term in the law that prohibits the changing or modification of the terms of a contract after its enforcement. For instance, WhatsApp modified the terms of its contract that caused variations in a clause that was contrary to its initial commitments and objectives. Moreover, since the PDP Bill has not been passed yet; it becomes critical to look to other alternate legal provisions and statutes that may offer protection in such situations. For instance, the Information Technology Act of 2000, under Section 87 grants the government the authority to come up with regulations that can put a stop to arbitrary policies introduced by online platforms that pose a threat to privacy and data protection rights granted to individuals. A company should not be able to modify terms for their benefits and force users to abide by it because they consented to the initial terms. The terms of these contracts should be regulated and privacy laws must ensure that changes in these policies have undergone user consent.