WhatsApp updating its terms of service and privacy policy is nothing new. But, why this time, the latest privacy policy change is creating such hue and cry?
WhatsApp, the popular messaging app has updated its privacy policy and terms of service. Now, it is mandatory for the users to accept the new terms of the company. Or else, they will be required to delete their account. Clearly, that’s forcing the users to accept or get off. Nothing in between.
The updated terms of service and privacy policy will be in effect from February 8, 2021.
WhatsApp users are required to accept the terms and policies by the deadline and these updates are applicable to all the services provided by WhatsApp, as the company claims.
WhatsApp collects and stores a whole lot of information about its users under the Automatically Collected Information header. The app further divides this information into four segments, which are – Location Information, Device and Connection Information, Usage and Log Information, and Cookies. WhatsApp implies that the activities of the users related to them are under the watch of the US-based company. Clearly, you and your phone are now under an invisible scanner, if not it was the case before.
While explaining its new privacy policy, WhatsApp wrote, “We collect information about your activity on our Services, like service-related, diagnostic, and performance information. This includes information about your activity (including how you use our Services, your Services settings, how you interact with others using our Services (including when you interact with a business), and the time, frequency, and duration of your activities and interactions), log files, and diagnostic, crash, website, and performance logs and reports.”
The popular instant messaging app also keeps the information related to its users’ messages, calls, groups, status, profile photo, among other things.
As it further said, “This also includes information about when you registered to use our Services; the features you use like our messaging, calling, Status, groups (including group name, group picture, group description), payments or business features; profile photo, “about” information; whether you are online, when you last used our Services (your “last seen”); and when you last updated your “about” information.”
Based on the permission of the users (which we don’t actually give much attention to and reluctantly give access to the app) for using location-related features, WhatsApp collects and uses the precise location information from the device as well. Want to know what does it mean? Well, WhatsApp knows where you are going, where you were last night. Yes, every geographical movement can be tracked.
However, the popular messaging app owned by Facebook, said that it collects information about the device and connection when people make use of its services.
“This includes information such as hardware model, operating system information, battery level, signal strength, app version, browser information, mobile network, connection information (including phone number, mobile operator or ISP), language and time zone, IP address, device operations information, and identifiers (including identifiers unique to Facebook Company Products associated with the same device or account),” further said WhatsApp.
Changes with regard to other Facebook products
WhatsApp’s new privacy policy takes note of that when clients depend on outsider administrations or other Facebook products that are incorporated with its services, those outsider administrations may get data about what the users share with them. Examples of this sort of outsider joining incorporate utilizing the in-application video player to play content from an outsider stage.
WhatsApp clarifies that when a client depends on this, data, for example, IP address and the way that the user is a WhatsApp client, might be given to the outsider being referred to or to another Facebook organization item.
Recall when you use Google Drive or iCloud to reinforce your talks, these administrations are as a result gaining admittance to the messages. Actually, nothing has changed, then again, actually, WhatsApp is expounding further what it implies for information sharing when clients depend on these outsider mixes.
It likewise explains that when somebody is utilizing outsider administrations or other Facebook products, their own terms and security arrangements will administer the user’s utilization of those administrations and items. Given that WhatsApp has a combination now with highlights like Rooms on Facebook, this explanation may be required for some clients.
WhatsApp has additionally clarified in extraordinary detail how they work with Facebook and its gathering of organizations, including the sort of data that is traded. This incorporates data around improving foundation and conveyance frameworks, wellbeing and security around Facebook items, administration encounters, for example, making proposals for clients, customized content around buys and exchanges.
At last, it likewise makes reference to that the data trade will incorporate to improve applicable offers and advertisements across Facebook products.
An example of WhatsApp-Facebook integration is the capacity to pay for items on WhatsApp utilizing Facebook Pay, which is accessible in the US.
Whatsapp Web users’ mobile number appearing in Google Search?
While WhatsApp is basically an app, it also has a web version and desktop application. Around 400 million users in India currently use WhatsApp on their mobiles. While some professionals use the service on their desktop and personal computers via the Web version.
According to cybersecurity researchers the there is a leak in WhatsApp Web. If someone using the service through the web version, their mobile number is being indexed on Google Search. Also, these are not business mobile numbers, but individual numbers.
Facing the sharp criticism regarding the latest terms and policy and privacy policy, along with the data security concerns, WhatsApp has claimed that it has asked Google not to index private group chat links. It also advised the users not to share the group chat links on publicly accessible websites. The ‘noindex’ tag is not helping in this case.
The issue first emerged in February 2020, when app reverse engineer Jane Wong discovered that Google has around 470,000 results for a search of ‘chat.whatsapp.com’, part of the URL that makes up invites to WhatsApp groups.
Does WhatsApp have a separate privacy policy for Europe and India?
WhatsApp has a dubious strategy regarding its privacy policy for users. While in India, the users will soon have no other option than sharing their data with Facebook and other platforms, if they want to continue using the app, in Europe, the data sharing policies remain unchanged. WhatsApp doesn’t share European Region user data with Facebook to improve its products or ads.
Clearly, the platform is taking advantage of the not so strong data security regulation of India. This revelation has raised the fresh demand for a stringent data protection law in India.
The General Data Protection Regulation (GDPR) in Europe is a stringent and robust law protecting the privacy and data of its people, which is unlike India where the Personal Data Protection bill is yet to become a law.
The GDPR is a well-defined law, which comes with provisions of hefty penalties like putting an obligation on businesses and service providers to collect only essential information that is absolutely necessary to provide services. On the other hand, in India current laws lack clarity and enforcement mechanism as well.
Section 43A of the IT Act, 2000 puts an obligation on businesses to adopt reasonable security practices to protect the user’s personal data and adopt a clear privacy policy in this regard. This includes what information is collected, how the information is being collected, for which purpose, and requires the express consent of a user for any transfer, declaration of who are the intended recipients of information, and how it will be used.
While these are mentioned on paper, enforcement remains a challenge. The users often cannot prove that their data has been collected illegally or for any unlawful purpose. This eventually leads the companies to exploit the users.
Also Read: Cyber warfare: Pakistani hackers getting Chinese help to launch cyber attacks on India
