WhatsApp’s Privacy Policy and Data Protection law in India – UPSC GS3

WhatsApp’s privacy policy:
  • WhatsApp updated its privacy policy earlier this year.
  • Under this policy, WhatsApp can share data (such as location and number) with its parent company Facebook unless they delete their accounts altogether.
  • This attracted harsh criticisms from the government and experts.
  • There was also an exodus of user migration to rival platforms such as, Signal.
  • WhatsApp moved the deadline to May 15. Eventually, WhatsApp decided not to enforce the policy itself.
Reason behind WhatsApp’s Privacy policy:
  • The App has more than two billion users in the world. Among them, about half a billion are Indians.
  • The privacy policy aims to make business interactions easier.
  • At the same time, the policy aims to create personalised ads on Facebook.
  • In its affidavit in the Delhi High Court, WhatsApp has said that it is not forcing users to accept the updated privacy policy. As the users have the option to delete their accounts.
The Government response:
Ministry of Electronics and IT (MEITY) has sought a response from WhatsApp within seven days. Due to the following reasons:
  • The MEITY thought that the Privacy policy is discriminating against Indian users as Indians depend on WhatsApp for communication.
  • The ministry is also of the opinion that WhatsApp is imposing unfair terms and conditions. As the similar policy is not applicable for WhatsApp’s European users.
Concerns with government decision:
  • It is a business decision: The privacy policy reflects WhatsApp’s strong business decision. The users can avoid accepting the policy and delete their accounts. Even WhatsApp is ready to take the risk of user migrations to other Apps. This is also reflected in the WhatsApp affidavit.
  • WhatsApp is not the only one: Private apps such as Google, BigBasket, Koo, and public apps such as Aarogya Setu, Bhim, IRCTC, and others also use similar privacy policies.
  • India did not have General Data Protection Regulation or GDPR like the EU: The government instead of seeking a response from companies has to enact a data protection law in line with the GDPR.
Scroll to Top