WhatsApp set the cat amongst the pigeons this year when it unveiled the new privacy policy and terms of use. It was an optionally mandatory opt-in; users have to either accept it or exit the app.
WhatsApp has made several updates and clarifications in its new policy called “a simple update.” Among them was the app explaining how WhatsApp’s service handles user data and how it partners with its parent platform, Facebook, to allow integrations across its multiple apps, including Facebook Messenger and Instagram.
There are three large categories for the new privacy terms:
- How businesses can manage their chats via Facebook tools
- More details about how user WhatsApp data is process
- How that data ties with the larger Facebook app ecosystem requirements
Since then, there has been a notable dropout from WhatsApp, particularly in India. The latest is that it will not limit the app’s functionality for users who don’t accept the new privacy policy (1). It now believes that this status quo shall remain until the data protection law comes into effect in India.
Earlier, WhatsApp was pretty clear, saying that any user who does not accept these new terms will first receive persistent reminders, following which, they will start losing app functionality, like access to chats and eventually calls on the app.
While India has persistently pushed back against WhatsApp’s new policy, the German regulators have banned its implementation. According to reports, it is something the EU, European Union is also considering (2).
In India, WhatsApp seems to have found ammunition in the IT Rules 2021 to fight back.
Is WhatsApp Getting Banned in India?
But before we dive deeper, let’s get the rumored ban of WhatsApp along with Twitter and Facebook out of the way. It is not happening (3).
If social media platforms don’t comply with the new IT Rules 2021, the guideline clearly states that they will lose the legal immunity protecting them from content shared on their platforms. And that doesn’t mean they will get banned.
The New Information Technology Rules 2021, also known as the new IT rules 2021, Intermediary Guidelines, and Digital Media Ethics Code, are now in effect.
Click here to read the full document.
WhatsApp is Challenging the Indian Government
Earlier this week, WhatsApp had filed a legal complaint against the Indian government over the new IT Rules 2021 (4). According to the Facebook-owned platform, these rules are a violation of privacy rights in India’s constitution.
It argues that the government’s requirement to give the details of a message’s original sender will need WhatsApp to rework the end-to-end encryption, which protects and encrypts the message, sender, and receivers’ details. If it needs to find a message’s sender, it will need to turn off the encryption or at least rework significantly.
Notably, the Meity, the Ministry of Electronics and Information Technology, has remained persistent with WhatsApp to take back its new policy (5).
In its communication to the Facebook-owned messaging platform on 18th May 2021, the Ministry asked WhatsApp to withdraw this new policy in allegations that the manner of rolling out these changes, including FAQ, undermines the inalienable value of data security, informational privacy, and choice for Indian users while also harming the rights and interests of Indian citizens.
Notably, the Delhi High Court had also sought a response from the Indian government for a plea that says that the new privacy policy that WhatsApp implemented on 15th May violates users’ privacy rights under the Indian Constitution. The Chief Justice D N Patel and Justice Jyoti Singh bench has issued notices to the central government, WhatsApp, and parent firm Facebook, for responses as it hears the petition.
And the Indian government’s view is pretty clear; it is a violation of IT laws (6).
The central government stated to the Delhi High Court that the messaging platform’s new policy update violates the Indian IT laws and rules. Whereas, WhatsApp told the bench that while the new privacy policy has already come into effect, it would not take out accounts of users who have not accepted it and would encourage them to get on board.
Let’s take a look at everything that has happened so far.
WhatsApp Vs. Indian Government
It all started in January 2021, when WhatsApp announced a new privacy policy. According to this, WhatsApp is looking to share information with its parent firm Facebook, which was not there in the previous version. WhatsApp gave users time until 8th February to accept the same.
The Indian users did not quite like the ‘take it or leave it’ policy. Several privacy rights activists filed multiple cases against the new policy in Delhi High Court and Supreme Court (7).
Experts opined that WhatsApp was rushing the new privacy policy update because of the likelihood of India implementing its maiden Data Protection Bill, pending since 2019.
The IT Ministry also came down heavily on the messaging platform, questioning its differential privacy policy for Europe and India. Notably, the local governments in Europe have stipulated that WhatsApp can not implement such measures (8).
In a letter, the Government of India reminded WhatsApp that its new privacy policy “raises grave concerns regarding the implications for the autonomy and the choice of Indian citizens.”
Reacting to the ministry’s letter, WhatsApp stated on 20th January that it is ready to address any misinformation around its new policy and remains available to answer all queries. It also stated that it is committed to protecting personal messages with end-to-end encryption and re-emphasized that neither WhatsApp nor Facebook can access them.
On 8th February, WhatsApp postponed the deadline for its updated privacy policy. And by the end of February, the government announced the all-new IT Rules 2021, which included intermediary guidelines and digital media ethics.
The Indian government put forward a firm stand to find a message’s originators. It means that platforms like Telegram, WhatsApp, Signal, and others that use end-to-end encryption for messages had to break it to comply with the new rule.
In March, the Competition Commission of India, the country’s fair-trade regulator, took suo moto notice of WhatsApp’s controversial new privacy policy.
In mid-April, the Delhi High Court rejected Facebook and WhatsApp pleas challenging the CCI, Competition Commission of India order for a probe into WhatsApp’s new controversial privacy policy.
On 18th April, CERT-In, the cybersecurity agency of the Indian government, warned the messaging platform users about vulnerabilities detected in the app (9).
In May, Meity directed WhatsApp to withdraw the planned update and gave the Facebook-owned company seven days to give a “satisfactory” response. Eventually, WhatsApp scrapped its 15th May deadline for select regions till 19th June.
The Indian IT ministry had also sent a notice on 18th May to WhatsApp to withdraw its new policy. The Indian government is firm on its stance that postponement of the policy does not absolve WhatsApp of user privacy concerns.
On 20th May, Meity sent a second letter to WhatsApp to withdraw the policy and gave a week to respond to the stance. Clearly, WhatsApp took a biased treatment of Indian users compared to users in Europe.
On 26th May, WhatsApp filed a petition in Delhi High Court against the Government of India seeking reprieve from compliance under the new IT Rules 2021.
While responding to WhatsApp’s legal challenge, on the very same day, Meity stated that “the Indian government recognizes that the right to privacy is a fundamental right and is committed to ensuring the same for its citizens.”
Ravi Shankar Prasad, the Union Minister, stated (10) that “the Indian government is committed to ensuring the privacy rights of all its citizens. Yet, still and all, it is also the government’s responsibility to maintain law and order to ensure national security.”
The IT minister clarified that the order to trace a message’s first originator as per the new guidelines should be passed only for the investigation, prevention, etc., of an offense relating to integrity, sovereignty, and security of the country, public order incitement to an offense relating to child sex abuse, rape, or sexually explicit material punishable with imprisonment for not less than five years.
Prasad added that WhatsApp’s responsibility is to look for a technical solution, whether via encryption or otherwise. He asserted that none of the measures the government has proposed would impact the app’s normal functioning in any manner, and there will be no impact on common users.
The Central government had issued the new IT Rules in February this year, which ended on 25th May, offering three months of the compliance period (11).
WhatsApp argues that it cannot comply with it because its messages are end-to-end encrypted, and it would have to break it to follow the law.
Notably, it is not the first time the US tech giant has been embroiled in a legal battle against the Indian government. We find it quite surprising for Facebook to make such confrontations, looking at its current position, especially when India is its biggest market globally with more than 45 crore user base. But, more on that later.
Now, let’s see why the battle is a big deal for Indian users.
Read Also: Facebook: The King of Social Media or Unchecked Hedonism?
Why You Need to Care About Facebook’s Motive With The New Policy in India
What is practically happening here is, we users have signed up to WhatsApp because we want to communicate with our friends and family. That is why we are giving our data. But, Facebook is now trying to use this data and share it with others to run their businesses, which is the core of the issue with WhatsApp’s new policy (12).
The purpose of using our information is not well connected with the purpose for which we users are giving that data.
We can also see the new privacy policy of WhatsApp as a move to ensure its seamless expansion into the Indian retail space. It is quite clear that WhatsApp is integrating greater into its parent Facebook so that Facebook, Instagram, and WhatsApp all become part of one bundle.
Read Also: WhatsApp Privacy Outrage is Justified: Here’s Why
Some users took to Twitter to investigate whether the concerns about the new policy merely amount to virtue signaling or if there is a lot at stake.
While WhatsApp’s end-to-end encryption clause will likely remain intact, it will only ensure that they can not see your messages or share them with anyone. However, with the new policy, it can now share users’ metadata, which is essentially everything beyond the text of the conversation, with Facebook and third parties.
Virtually, it will give a 360-degree profile into your online activity. And such a level of insight into a person’s private and personal activities can lead to subtle forms of commercial exploitation and micro-targeting by political campaigns. Remember the Cambridge Analytica scandal (13), anyone?
And since India does not have Data Protection Law in place yet, users are left with the company’s assurance and privacy policies.
And if that company is saying that it will use your data and share it with the world’s largest and most controversial social media platform, which is embedded on every second website, and collect data from there. In that case, the data integration will essentially put you under the surveillance of the Facebook group of companies.
It seems like a lot at stake here to us.
While we are at it, let’s take a glance at WhatsApp’s history:
- In 2009, when WhatsApp was first launched, it committed that it will not sell user data to any third-party
- It changed when Facebook acquired the platform in 2014, but with the promise to operate as separate entities.
- Again, the commitment changed in 2017, when it started sharing the data with Facebook, but users could opt out back then.
- In 2021, Facebook changed it to a “take it or leave it” policy.
The new policy is a breach of the expectations with which they had first signed up for WhatsApp (14).
While most of WhatsApp’s Indian users are ignorant about privacy concerns as they are generally difficult to understand by the public, people with a higher degree of privacy and data protection awareness have already shifted to other alternatives.
Moreover, after the initial massive PR disaster when it first notified users of its new privacy policy update, Whatsapp tried to limit the damage by pushing back its implementation. But not before making it clear in an official statement that pretty much blames us, users.
Apparently, thousands, if not millions, of users globally are misinformed and confused about the new update, hence the panic. But, there was never anything to be worried about. It makes us wonder how long Facebook will keep brushing things under the carpet (15).
Now back to WhatsApp suing the Indian government.
Read Also: Facebook’s Ill-Fated Fight Against Privacy as Apple Remains Firm
WhatsApp’s Red Herring Move to Sue the Government of India
While the Facebook-owned messaging platform’s attempt to protect its end-to-end encryption seems reasonable, and its concern for Indian citizen’s constitutional rights appears well-intended. Still, a closer look at the AI-corporate-hood may suggest otherwise.
Notably, Google recently forced one of its AI-ethics researchers to leave after her co-authored paper exposed the use of partial data to train the giant’s language models, data reflecting shocking regressive attitudes towards race and gender, which we have worked long to eradicate (16).
Moreover, Facebook’s data breaches (17) and Zuck’s apparent unwillingness to act on early warnings remain problematic. For one instance, Facebook had refused to acknowledge a vulnerability a security researcher had identified. It resulted in the breach of more than half a billion users’ data (18).
Facebook and other tech companies indeed use citizen data for profit or otherwise stay opaque.
Generally talking, tech companies continue to be resistant to transparency requests, and it is anyone’s guess how private a user’s data is. AI Companies like Amazon Web Services (19), while constantly tracking, recording, quantifying, and analyzing user data, remains notoriously mysterious about the processes that go into their supply chain, production, their systems’ underlying logic, the type of data they use to train their AI, the huge energy footprint, and the massive natural resources consumption.
Considering the staggering absence of tech companies’ accountability and their rather autocratic operational style reflected in the cases mentioned above, Facebook-owned WhatsApp’s concerns for the Indian citizens’ rights look rather incongruent here.
Even with all its challenges, India has a well-functioning electoral process that allows its citizens to express their preferences, needs, and objections.
However, there is no clarity whether these affordances are available to these tech companies’ employees and consumers (20).
While India is a democratic nation, tech companies are anything but. They may do well to check their own motivations first before questioning the decisions of governments, especially those navigating the changeable waters of a profoundly diverse country such as India.
The phrase, “Healer, heal thyself first” may apply to the current situation.
Facebook-owned WhatsApp’s gauntlet before the Government of India shows us one small but potentially worrisome step towards the states’ sovereignty erosion.
As governments worldwide are pushing for rapid AI development across multiple domains of defense and civilian applications and the world hurtles towards a rising AI-assisted existence, the idea of an AI-dominated world looms large.
An AI-dominated world would essentially become an AI-Corporation-dominated world because the resources needed to create and deploy power-guzzling AI systems are in the hands of wealthy tech giants like Google.
The use of cloud systems to store massive quantities of defense and civilian data would make countries even more vulnerable to corporate nudging, a position made more serious if a nation is dependent on overseas cloud providers.
Democratic nations will do well for the world in that case to:
- resist the temptation to place all their economic and intellectual eggs in the Ai basket
- renew their vows to uphold democracy princes to create deeper ties with their people based on mutual trust
- work together with tech companies to adopt more evolved and inclusive engagement standards with customers, much like Tatas, who has built an illustrious history of an excellent industry and excellent service to the community.
Today’s provision is an opportunity for the Indian government to lead a global effort towards a genuinely AI-empowered world and be a blessing in disguise.
