Legal battle with WhatsApp’s Privacy Policy is in the limelight again.
Currently, data is the new oil. Being the most populous country in the world, India cannot afford a sluggish approach while dealing with intermediaries which may compromise citizens’ data. Since the take over by Meta in 2014, WhatsApp has raised eyebrows for data protection and privacy worldwide.
Amidst ongoing battle between WhatsApp privacy policy and Indian data protection law, let's have a look on country's approach for protecting national data.
The world's leading instant-messaging platform, WhatsApp has threatened to the Delhi High Court to leave India if privacy related issues are not solved.
It all started from modified IT rules 2021 which mandate social media platforms “to disclose the identity of the first originator of information upon request.”
During ongoing election season, the major concern set by Indian government is about data traceability as whatsapp has been charged with spreading hate speech or fake news.
The Ministry of Electronics and Information Technology (MeitY) has opposed the petition by Facebook and WhatsApp saying “WhatsApp had violated the fundamental right by denying users any mechanism for dispute resolution.”
WhatsApp previously mentioned: “Requiring messaging apps to trace chats is the equivalent of asking us to keep a fingerprint of every single message sent on WhatsApp, which would break end-to-end encryption and fundamentally undermines people's right to privacy.”
Advocate Tejas Karia, representing WhatsApp, emphasized that the platform’s users value the “privacy and security provided by its end-to-end encryption” feature.
“As a platform, we are saying, if we are told to break encryption, then WhatsApp goes,” he continued.
The court further said that privacy rights were not absolute and “somewhere balance has to be done”.
In August 2016, WhatsApp updated its Privacy Policy for sharing user data with Facebook despite assurances. The company mentioned it was for targeted advertisements. People who joined WhatsApp after August 2016 did not even get a chance to opt out of this option. In 2017, Supreme court started analysing privacy violations by WhatsApp.
Again in January 2021, WhatsApp launched a new Privacy Policy and Terms of Service, which did not allow users from pressing “I agree” to share data with other companies of Meta.
India’s pursuit of data protection started in 2008. The Information Technology Act, 2000 was amended to add Section 43A, which puts the “liability on companies to protect all sensitive personal data and information” that they handle.
As per the law, companies should protect this data with utmost security measures. The organisations may have to face penalty for non-compliance.
In December 2019, the Ministry of Electronics and Information Technology (MeitY) framed the Personal Data Protection Bill 2019 in the Rajya Sabha which faced multiple challenges mostly from corporation stakeholders and privacy activists.
Later, the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 were announced by the Centre on February 25, 2021. It requires social media platforms including Twitter, Facebook, WhatsApp, and Instagram to comply with the latest norms.
Kanika Seth, cyber lawyer and advocate at the Supreme Court of India said: “Right to Privacy is a fundamental right of every citizen of India and the Constitution of India grants and protects this right. Social media companies that collect data from their users ought to have fair, open and transparent Privacy Policies that respect and safeguard the rights of their users. It must also respect the choice not to disclose or use their personal data in any manner a user does not grant express consent for”.
Being the largest data economies in the world, India is working on specific framework and a regulator for protecting data.
