WhatsApp privacy policy fight in South Africa

The Information Regulator of South Africa has informed Parliament that it is considering all its options in its engagements with WhatsApp over the changes it has made to its privacy policy.

The Facebook-owned mobile messaging platform first issued a notice to users about the changes in January, along with an ultimatum — accept the new terms before 8 February 2021 or lose access to WhatsApp.

Facebook extended the deadline to 15 May following widespread backlash, and has since softened its stance further, saying that WhatsApp users will not be immediately cut off and will only start losing functionality in several weeks.

“We’ve provided them with a critique of their approach and they’ve responded and tried to indicate how it is that they do, in fact, comply with local legislation,” said Information Regulator member Alison Tilley in a meeting of the Parliamentary Portfolio Committee on Justice and Correctional Services.

Tilley said that the Information Regulator maintains that WhatsApp offers two different privacy policies — one for Europe to comply with the the General Data Protection Regulation (GDPR) and one for people living outside Europe.

The Information Regulator is of the view that South Africa’s Protection of Personal Information Act (POPIA), which comes into full effect on 1 July 2021, is similar to Europe’s GDPR.

“We’ve advised WhatsApp that we believe they should adopt the EU policy in South Africa and other countries in the Global South who have similar regimes,” Tilley told the committee.

However, the Information Regulator is not confident that it, or the regulators of other smaller nations, will be able to convince Facebook to comply with local legislation without banding together.

“Facebook is a massive company,” Tilley said.

“We feel it’s not going to be particularly successful if we try to engage them just one regulator at a time. We’re going to have to build a coalition to make our intervention effective.”

To that end, the Information Regulator is working with the Global Privacy Assembly, a group of over 130 data protection and privacy authorities around the world, as well as data protection authorities in the Commonwealth.

Sizwe Snail ka Mtuze, another member of the Information Regulator and adjunct professor in the law faculty of Nelson Mandela University, said they highlighted specific concerns with WhatsApp.

One such concern was the fact that WhatsApp aims to process unique identifiers for purposes that they were not originally intended for.

Snail ka Mtuze said that although the Information Regulator has not threatened legal action, should Facebook not want to engage with them further, the regulator would have to consider its options.

The chairperson of the Information Regulator, Pansy Tlakula, has said the South African government will not help the regulator in its engagements with Facebook.

“We are fighting a giant,” Tlakula told the Parliamentary Portfolio Committee.

“They cannot willy-nilly abuse the personal information of users,” said Tlakula.

Tlakula proposed that the Portfolio Committee on Justice and Correctional Services work with the Committee on Communications and Digital Technologies to ask questions of Facebook relating to the WhatsApp privacy policy changes.

Facebook has agreed to meet with the Communications and Digital Technologies committee after being invited to do so by Phumzile van Damme from the Democratic Alliance.

While the main reason for inviting Facebook was to ask questions about how it would tackle misinformation and disinformation in the context of South Africa’s upcoming local elections, Van Damme said the protection of private data of South African users on Facebook-owned platforms would also form part of the meeting.

Now read: Register for a COVID-19 vaccine in South Africa via WhatsApp or SMS

Latest news

Partner Content

Show comments


Share this article
WhatsApp privacy policy fight in South Africa