The Ministry of Electronics and IT (MeitY) in India has recently issued a notice to WhatsApp, urging the messaging app to withdraw the latest update to its privacy policy. The issue of contention here is the potential threat this update poses to the data protection of Indian users.
Understanding the Controversy
The updated privacy policy from WhatsApp, which is a Facebook-owned platform, includes terms where users cannot prohibit the app from sharing their data with Facebook unless they delete their accounts altogether. This shared data could include personal information such as location and number. The intent behind these updates is to simplify business interactions and personalize Facebook ads, generating revenue for the company. These changes have been perceived as discriminatory by the Indian government, as they limit the ability of Indian users to opt out of this new privacy policy unlike their European counterparts.
The Relevance of GDPR in Europe
Users in Europe are free to reject WhatsApp’s new terms of service thanks to the General Data Protection Regulation (GDPR). This law in the European Union protects users from unwanted data sharing with Facebook, granting them the power to refuse the updated privacy terms.
Defining Data Protection
Data protection is essentially the practice of securing essential information from corruption, potential compromise, or loss. It pertains to the vast array of information stored on computers or networks, and its importance escalates with the exponential increase in data creation and storage.
The Expanding Need for Data Protection
Based on a 2019 report from the Internet and Mobile Association of India (IAMAI), India has about 504 million active internet users, making its online market second only to China. Huge volumes of personal data collected online make it a valuable asset for companies, governments, and political parties for targeted advertising. However, this also opens up possibilities for privacy invasion, as this data can reveal personal aspects of an individual’s life.
Data Protection Laws in Different Countries
Different measures are taken globally to ensure data privacy. The European Union’s General Data Protection Regulation gives individuals control over their personal data. Meanwhile, the American legislation consists of sector-specific laws dealing with digital privacy aspects.
India’s Steps for Data Protection
India’s Information Technology Act, 2000 was devised to prevent unauthorized usage of computers, computer systems, and stored data. Following the Supreme Court’s recognition of privacy as a fundamental right in the K.S. Puttaswamy v. Union of India 2017 case, the Personal Data Protection Bill was created in 2019. The bill aims to protect individuals’ privacy of their personal data, establishing the Data Protection Authority of India to oversee these matters.
Concerns Regarding the Personal Data Protection Bill 2019
Despite its intention to protect personal data, the bill grants exemptions to the central government, allowing it to process personal data without explicit permission from the concerned individuals. This aspect of the bill has raised concerns about its potential abuse.
Adapting to the Future of Data Protection
The need for a robust data protection regime is critical in the digital age. The Personal Data Protection Bill, 2019 needs revisions to ensure its focus on user rights and privacy. A privacy commission should be established to enforce these rights, with the government respecting the privacy of citizens while strengthening the right to information. Lastly, considering the technological advancements in recent years, the new legislations must address these changes to avoid becoming obsolete.
Last Modified: February 13, 2024