Call for WhatsApp to revise privacy policy in SA

Friday, May 14, 2021

The Information Regulator of South Africa has after correspondence, written to WhatsApp LLC requesting the company to revise its privacy policy in South Africa to the standard used in the European Union (EU).

On 15 May 2021, WhatsApp will require users to accept new terms and conditions for using the app.

In a statement released on Thursday, the regulator said it has received no agreement from WhatsApp on the matter.

“Under the circumstances, the Regulator is briefing attorneys to prepare an opinion on the way forward in terms of litigation.

“It remains the Regulator’s assertion that the Protection of Personal Information Act (POPIA) has a privacy regime which is very similar to the EU regime, and therefore believes that WhatsApp should adopt the EU policy in South Africa, and other countries in the global south that have similar regimes,” said the regulator.

The Information Regulator (IR) remains of the view that despite WhatsApp operating in different legal and regulatory environments, there are effectively two privacy policies for the users of WhatsApp.

In March the IR announced that it had written to WhatsApp regarding concerns it has over changes over the messaging service’s privacy policy.

“There are substantial differences between the policies for users living in Europe compared to the one for users living outside of Europe.

“Given Facebook’s status as one of the world’s largest companies, the Regulator is of the view that it should work together with other organisations in order to hold Facebook accountable,” the IR said.

On 8 May 2021, the Regulator engaged the Global Privacy Assembly (GPA), of which it is a member, in order to obtain the view or position of the GPA on the compliance of the Revised Policy with generally acceptable data protection principles, and whether it intends to engage WhatsApp on this matter.

Furthermore, the Reseau Africain Des Autorite De Protection Des Donness Personelles (RAPDP) an African Network of Data Protection Authorities, which South Africa is also a member to, engaged robustly with Facebook on 9 April 2021 on the matter.

“The Network has made strong recommendations to WhatsApp requesting them to bring the WhatsApp privacy policy in line with Africa data protection laws. RAPDP emphasised that the privacy policy should be applicable to Africa in line with those applicable to other regions, particularly the European region.”

The IR has also asked the Portfolio Committee on Justice and Correctional Services to request Facebook South Africa and WhatsApp LLC to appear in Parliament on this matter.

“We are obligated as the Regulator to ensure the protection of personal information of all South African citizens and monitor compliance of the POPIA by responsible parties. We therefore will take this matter further and seek legal opinions and advocate for collaborated efforts,” Chairperson of the Regulator, Advocate Pansy Tlakula said. –