We often have a tendency of not reading privacy policies because of sheer laziness. Most websites require users to indicate that they have read the policy when they first provide their information. Thus, there are a lot of things that any individual must be aware of in order to avoid a breach of privacy by unknowingly signing up for something against what they tend to believe in otherwise. It is essential to note that a privacy policy is a statement or a legal document that discloses some or all of the ways in which a party gathers, uses, discloses, or manages a client’s data. Any website or application that gathers data about its users, simplest of all, is required to have an elaborate privacy policy. This includes sites that track users’ behaviour through cookies, eCommerce sites or companies that simply send out occasional newsletters or offers. Facebook recently released a WhatsApp privacy policy update that has garnered a lot of criticism and raised concerns about online privacy.

What Did Whatsapp Announce?

WhatsApp notification informing Android and iPhone users about its updated privacy policy - Whatsapp Privacy Policy Update
WhatsApp notification informing Android and iPhone users about its updated privacy policy

The issue of WhatsApp’s new Privacy Policy is something of concern and off late too many people have been talking about it. What starts to strike one is how wrong can a Privacy Policy be?  “Respect for your privacy is coded into our DNA. Since we started WhatsApp, we’ve aspired to build our Services with a set of strong privacy principles in mind.” is exactly how the WhatsApp Privacy Policy begins.

However, this statement might not remain true to itself as WhatsApp is giving a deadline of February 8, 2021, to accept the new policy or delete the account. Users, as of now, have the choice for opting the ‘NOT NOW’ option when the in-app notification pops up. However, once the deadline to read and accept the terms is crossed, one would either have to stop using the app of agreeing to the said terms and conditions as laid down by them.

According to reports, this Facebook-owned messaging service has already sent pop-up messages to users in a lot of regions, including India, asking them to accept their new privacy regulations. Users failing to agree to their revised terms by the cut-off date will be at risk of being cut off, the company said in the notification. This means that, while the profiles will remain inactive, WhatsApp will eventually delete those accounts after 120 days of inactivity as part of their efforts to maintain security, protect the privacy of users, and limit data retention.

How Is Facebook Related?

WhatsApp has already been sharing “certain categories of information” with Facebook as it had purchased the messaging service back in February 2014 and has been trying to gradually integrate the two platforms and share date more closely between them. The updates to WhatsApp terms and privacy policy happened soon after Facebook announced their privacy-focused vision to integrate and super-sync WhatsApp, Instagram, and Messenger together promising to provide a more integrated experience to users across its services. But this service definitely comes with a cost!

Key Update(s) in WhatsApp Privacy Policy

The key update(s) concern how they process user data:

  • The policy mentions that “businesses can use Facebook hosted services to store and manage their WhatsApp chats” and WhatsApp has partnered with Facebook to offer integrations across the Facebook Company Products.

Wondering What Facebook Company Products Comprise of?

Facebook Company Products refer to WhatsApp’s family of services, including Facebook app, Messenger, Boomerang, Instagram, Threads, Oculus VR headsets, Spark AR Studio, Portal-branded devices, Facebook Shops, Audience Network, and NPE Team apps. The list unsurprisingly and predictably happens to be too long. It isn’t inclusive of Workplace, Oculus Products that are tied to Oculus accounts, Free Basics, and Messenger Kids.

  • The “Mandatory Changes” as mentioned allow WhatsApp to share more user data with other Facebook companies including account registration information, transaction data, phone numbers, service-related information, mobile device information, interactions on the platform, IP address, and other data collected based on users’ consent.
  • Also, this data-sharing privacy policy with Facebook and the other services doesn’t apply to EU states that are part of the European Economic Area (EEA) which are governed by the GDPR data protection regulations.

What’s Fishy About New WhatsApp Privacy Policy Update?

  • In the updated policy, company elaborates and expands on the “Information You Provide” section with details about payment and transaction information collected during purchases made via the app.
  • It has also replaced the “Affiliated Companies” section with “How We Work With Other Facebook Companies” that talks about how it uses and shares the information gathered via WhatsApp with other Facebook products or third-parties.
  • Another section that received a major rewrite is the “Automatically Collected Information”. They further divide it into four sub-categories, namely Location Information, Device and Connection Information, Usage and Log Information, and Cookies, clearly implying that all the activities of users related to them are under a constant watch.
  • WhatsApp’s revised policy also spells out the kind of information it gathers from users’ devices like hardware model, operating system information, battery level, signal strength, app version, browser information, mobile network, connection information (including phone number, mobile operator or ISP, language and time zone, IP address, device operations information, and identifiers (including identifiers unique to Facebook Company Products associated with the same device or account).
  • “Even if you do not use our location-related features, we use IP addresses and other information like phone number area codes to estimate your general location” was claimed by WhatsApp’s updated policy.

A Matter of Concern

There’s no denying that privacy policies and terms of service agreements are often very long, boring, and seems as if it’s deliberately designed with an intention to confuse the users. But it’s essential to read them instead of blindly consenting. Having read the WhatsApp policy, it will probably make you think twice before handing over so much data for a messaging service. At the end of the day, it is not all black and white. We are aware that WhatsApp is a part of Facebook and most of the collected data by Whatsapp is providing a whole new level of integration and convenience.

A lot of users on Twitter have been convincing one another into getting off WhatsApp and making a sensible shift to alternate encrypted messengers like Telegram and Signal. Signal has responded to the ongoing issue by sharing how users can transfer their group chats from some other messaging app to Signal making it a much more reliable option and a better alternative.

Facebook is attempting to normalize the whole idea of data collection through an app that otherwise claims end-to-end encryption. It’s a personal choice and okay to keep using WhatsApp if sharing data and the possibility of targeted ads is not a big deal. On the contrary, if you care more about your privacy, WhatsApp is definitely compromising on it. It is extremely alarming and thus recommended to go through the policy thoroughly before it’s too late. After all, it is your data!

Major References:

  1. WhatsApp Privacy Policy – https://www.whatsapp.com/legal/privacy-policy
  2. Facebook Data Policy- https://www.facebook.com/policy.php
Aheli Bose

Leave a Reply

Your email address will not be published. Required fields are marked *