Author: Michelle Waknine
Following an investigation by the Information Commissioner’s Office (ICO), the UK’s data protection watchdog, WhatsApp has signed a public commitment not to share personal data (i.e. data which identifies individuals) with Facebook until data protection concerns are addressed.
“We may use information… to help operate, improve, understand, customize, support, and market our Services and their offerings…Facebook and the other companies in the Facebook family may also use information from us to improve your experience within their services such as making product suggestions (for example, of friends or connections, or of interesting content) and showing relevant offers and ads”.
The ICO’s findings from the investigation were as follows:
WhatsApp has now signed an ‘undertaking’ in which it has committed to not sharing personal data with Facebook, until it is in a position to comply with the upcoming General Data Protection Regulation (GDPR) coming into force in May this year. The ICO has made clear that it will be closely monitoring WhatsApp’s adherence to the undertaking.
Elizabeth Denham, the Information Commissioner, is optimistic that the new legislation will be “good news for UK users of social media services” and will provide a stronger emphasis on transparency and accessibility of information for the public.
It will be interesting to see WhatsApp’s approach to tackling compliance with the GDPR, which imposes much tougher requirements surrounding the protection of personal data. In particular, the GDPR strengthens the rules on what constitutes ‘consent’. With fines of up to €20 million or 4% of companies’ global annual turnover for breach of the GDPR, all businesses handling personal data should, if they haven’t already done so, be considering whether the new rules apply to them and, if so, be taking compliance very seriously. It is the large-scale companies handling personal data, such as WhatsApp and Facebook, which may be stung the hardest in terms of fines, and it is likely that WhatsApp will be working hard on its compliance and introducing notable changes over the forthcoming months.
Michelle Waknine, Associate, Fladgate LLP (email@example.com)