The government on Friday requested the Delhi high court to restrain WhatsApp from implementing its controversial privacy policy update, contending that the new policy fails to comply with local user privacy and data protection rules.

The government’s affidavit compounds the problems for the messaging app, which has faced a backlash from users with millions of users moving to rival apps such as Telegram and Signal. The outcry forced WhatsApp to delay the launch of the new policy to May. A WhatsApp spokesperson declined to comment on the government’s affidavit.

The affidavit was filed in response to a petition filed by Seema Singh, through advocate Meghan, challenging the WhatsApp policy update.

In the affidavit, the government said WhatsApp has stated that user data will be freely shared with other Facebook companies, even though the rules of 2011 under the Information Technology Act, 2000 prohibits such sharing.

Since the contract of the user is with WhatsApp, all other Facebook firms are “third parties” and any sharing of data obtained by it will amount to a violation, the Centre said. The matter will be heard on 20 April.

“WhatsApp, in its privacy policy, has said that third-party services will be given information about the user whenever a third-party service is used through WhatsApp. Notably, this information is being shared with third-party services and not users. This means that such services are “third parties”, and no further disclosure is permitted.”

It also told the court that the policy fails to provide users with the option to review or amend their personal information.

The privacy policy “appears to provide an option to further manage, change, limit or delete your information of the policy, but upon close perusal, it is apparent that this ability is limited to a user’s profile name, picture, mobile number and the about information.” “For the policy to be compliant with the rules, it must allow users to exercise this option for all kinds of data collected by WhatsApp, which are mentioned in the policy. The impugned privacy policy thus fails to fulfil these obligations,” the affidavit read.

Reacting to the Union government’s response, advocate Meghan said, “The three rights prayed before the court to be declared authoritatively have not been talked about in the counter affidavit. Furthermore, even the mechanism to protect the citizen’s privacy in the interim has also not been heeded in the counter affidavit.”

The Centre has contended that the updated privacy policy fails to specify types of sensitive personal data being collected and with whom the information is being shared. It said WhatsApp also fails to notify the user details of the collection of sensitive personal information.

The Centre said that in accordance with the law, WhatsApp is required to explain the types of personal and sensitive personal information in its privacy policy. However, WhatsApp has used general terms to enlist the kinds of data collected, the Centre said, adding that no distinction has been made between the personal data or sensitive personal data which is being collected.

WhatsApp spokesperson said late Friday night: “As we said in January, when this matter was first raised: we wish to reinforce that this update does not expand our ability to share data with Facebook. Our aim is to provide transparency and new options available to engage with businesses so they can serve their customers and grow. WhatsApp will always protect personal messages with end-to-end encryption so that neither WhatsApp nor Facebook can see them. We are working to address misinformation and remain available to answer any questions.”

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Source link


Please enter your comment!
Please enter your name here