India Reportedly Demands WhatsApp Reverse Its ‘Discriminatory’ Privacy Policies

India Reportedly Demands WhatsApp Reverse Its ‘Discriminatory’ Privacy Policies
Photo: Drew Angerer, Getty Images

The international uproar over WhatsApp’s new privacy policy got a jolt of energy this week, with a new letter reportedly from Indian authorities telling the company to walk back its changes to the platform — or else.

TechCrunch was first to get its hands on a leaked letter it claims was sent to WhatsApp by India’s Ministry of Electronics and Information Technology (or MeitY), detailing how the platform’s “problematic” policy updates unfairly target the roughly 400 million WhatsAppers in the region. While these users are essentially being strong-armed into accepting these new terms at the risk of losing their accounts, MeitY’s letter allegedly takes issue with the fact that WhatsAppers across the EU are free to opt-out from the new updates with no repercussions at all.

“It is not just problematic, but also irresponsible, for WhatsApp to leverage this position to impose unfair terms and conditions on Indian users, particularly those that discriminate against Indian users vis-à-vis users in Europe,” the ministry reportedly wrote. Per TechCrunch, the letter gives WhatsApp a week to offer some sort of “satisfactory” response to these accusations, after which the agency will look into taking legal action against the company.

Gizmodo wasn’t able to independently verify the content of the letter in question. When asked for comment, a WhatsApp spokesperson said that the company “[continues] to engage with the government,” and reaffirmed what it’s been saying over and over for the past few months: that any data-sharing between WhatsApp and Facebook won’t touch people’s personal messages.

“Our goal is to provide information about new options we are building that people will have, to message a business on WhatsApp, in the future,” the spokesperson added.

WhatsApp clarified the EU carveout pretty early on when Niamh Sweeney — the policy director for WhatsApp across Europe, the Middle East, and Africa — tweeted out that these impending updates wouldn’t affect the way WhatsApp collected or shared data on folks in the region. While European users did need to agree to some minor tweaks as part of the January update, Europe’s strict data protection laws mandate that users can’t be coerced into sharing their WhatsApp data with the platform’s parent company, Facebook.

For everyone outside of the EU, WhatsApp’s new policies mandate that some amount of a user’s WhatsApp data get shared with Facebook. WhatsApp’s initial announcement was kind of hazy on what data was being shared between the two, and the company’s ongoing attempts to clarify things haven’t helped. In short, the new policies allow businesses to retarget users on Facebook and Instagram based on conversations they might have with customers on WhatsApp.

It’s worth noting here that not long after WhatsApp first announced these impending updates, reports began circulating that Ireland’s Data Protection Commission was mulling a fine of up to €50 million — roughly $78 million — against WhatsApp for allegedly breaching GDPR. Meanwhile, the company’s Irish arm set aside close to $US92 ($118) million to offset the “administrative fines” WhatsApp anticipates from Ireland’s ongoing investigation.

Meanwhile, this letter from MeitY is only the latest challenge facing WhatsApp in India right now. Back in March, MeitY filed suit against the company with the Dehli High Court on the grounds that the company’s planned policies flouted the country’s longstanding cybersecurity mandates. Not long after, the country’s Competition Commission ordered its own detailed probe into what it suspected was “exploitative and exclusionary conduct” snuck into WhatsApp’s updated terms.

WhatsApp tried defending itself in the High Court case earlier this month by arguing that these new policies aren’t any more invasive than any other app that’s popular in India, pointing to the food-delivery app Zomato and the ridesharing platform Ola as examples. It also argued that while the company might be deleting accounts that don’t comply with the new policies, at least they won’t be deleted right away.