New Delhi: In a strongly worded letter to Facebook-owned messaging platform WhatsApp, the Ministry of Electronics and Information Technology has expressed its "strong concerns" on the new privacy changes and asked the instant messaging app to "respect the date security of Indian users".
The IT Ministry, in the letter to CEO Will Cathcart, asked Whatsapp to withdraw the proposed policy, slamming its "all or nothing" approach which "leverages the social significance of the app to force users into a bargain".
The policy that was announced earlier this month asked them to agree to the new terms or lose access to accounts by 8th February, sparking widespread concerns and criticisms.
Since Whatsapp is owned by Facebook, the letter called on the social media giant to "value the principles of privacy and consent" as laid down by the Indian supreme court in its judgment of Justice (retd) KS Puttaswamy vs Union of India (2017).
The data sharing between Whatsapp and Facebook has been one key aspect of the concerns.
The govt's letter said that the new proposed policy ceases any "any meaningful distinction between WhatsApp and Facebook companies" and given the huge userbase of both the companies in India, "consolidation of this sensitive information" exposes a "very large segment of Indian citizens" to "greater security risks and vulnerabilities creating a honeypot of information."
The government has handed over a detailed questionnaire to the messaging app to get details about its data-sharing protocols and business practices. Questions including, does WhatsApp conduct the profiling of Indian users, does the app capture information about other apps running on a mobile device.
Here some of the key questions by the Indian govt to Whatsapp:
1.Disclose the exact categories of data that WhatsApp application collects from Indian users.
2. Give details of the permissions and user consent sought by WhatsApp app and utility of each of these with respect to the functioning and specific service provided.
3. Does WhatsApp conduct profiling of Indian users on the basis of their usage of application? What nature of profiling is conducted?
4. Details of the difference between WhatsApp privacy policies in other countries
5. Details of Data Security Policy, Information Security Policy, Cyber Security
6. Does the WhatsApp app share data with any other app or business unit of the
same company or associated companies? Share details of the data flow
among these apps, business units or associated companies.
7. Does the WhatsApp app capture the information about the other apps running
on the mobile device of the user? If yes, what information is being captured by
the app and what purpose is it being collected and used?
8. Details about the server when data of Indian users is transmitted or hosted.
9. Has the company or application provided any access to a third party to access
a user’s personal data? If yes, then share those details.
10. Does the app harvest user data? Has the company faced any action in any
country for surreptitiously harvesting user data?