WhatsApp U-turn On Privacy Gets EU Challenge

Uploaded on 2016-11-05 in BUSINESS-Services-Law, FREE TO VIEW, NEWS-News Analysis

A seismic shift in privacy policy by messaging app WhatsApp this summer, when it said it would begin sharing user data with parent company Facebook including for ad targeting, has now attracted the attention of European’s data protection watchdog group, the Article 29 Working Party.

The WP29 group wrote to WhatsApp founder Jan Koum yesterday, setting out its concerns about the privacy policy U-turn, including how the shift was communicated to users.

“The Article 29 Working Party (WP29) has serious concerns regarding the manner in which the information relating to the updated Terms of Service and Privacy Policy was provided to users and consequently about the validity of the users’ consent,” it writes.

“WP29 also questions the effectiveness of control mechanisms offered to users to exercise their rights and the effects that the data sharing will have on people that are not a user of any other service within the Facebook family of companies.”

It adds that its various members, so basically all the national DPAs of EU Member States, will “act in a coordinated way” to target any problems they identify, with a dedicated working group for enforcement actions set to address the WhatsApp issue specifically.

The letter asks WhatsApp for details of the specific data being shared, including data categories, source and recipients, and the effects of the data transfer on users and on “potential third persons”, so the working group can assess whether changes are necessary to ensure legal compliance.

The Wp29 group also urges WhatsApp to stop passing user data to Facebook while it investigates the legality of the arrangement.

WhatsApp declined to specify whether it would be halting data-sharing in Europe, per the WP29’s request, when we asked.

WhatsApp made the following statement: “We’re working with data protection authorities to address their questions. We’ve had constructive conversations, including before our update, and we remain committed to respecting applicable law.”

The WhatsApp-Facebook privacy policy U-turn had already drawn criticism from individual European Union member country data protection agencies, including the ICO in the UK and the Hamburg City DPA in Germany.

Europe’s competition commissioner, Margrethe Vestager, has also publicly flagged the arrangement as a concern, suggesting new rules are needed to enable the region’s regulators to keep up with tech giants’ use of data.

Techcrunch:      WhatsApp Implements Encryption:

« ‘How The Russians Won An American Election’ Opinion By Ronald Marks
Google AI Invents Its Own Cryptographic Algorithm »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

CERT Bulgaria (CERT.BG)

CERT Bulgaria (CERT.BG)

CERT Bulfaria is the National Computer Security Incidents Response Team for Bulgaria.

Tigerscheme

Tigerscheme

Tigerscheme is a certification scheme for information security specialists, backed by University standards and covering a wide range of expertise.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

CyberInsureOne

CyberInsureOne

At CyberInsureOne, we break down the complex world of cyber insurance, and connect you with providers that can give you and your company peace of mind.

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center

Texas A&M Cybersecurity Center is dedicated to combating adversaries who desire to harm our citizens, our government, and our industry through cyber-attacks.

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM)

Business Resilience International Management (BRIM) is engaged by law enforcement in the UK and overseas to advise on establishing and developing Cyber Resilience Centres (CRCs) for business.

New Net Technologies (NNT)

New Net Technologies (NNT)

NNT SecureOps provides ultimate protection against all forms of cyberattack and data breaches by automating the essential security controls.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

Simplilearn

Simplilearn

Simplilearn is the world's #1 online bootcamp for digital skills training in disciplines such as Cyber Security, Cloud Computing, Project Management, Digital Marketing, and Data Science.

QuoIntelligence

QuoIntelligence

QuoIntelligence experts can help your team understand the evolving cyber threats and provide simple yet comprehensive recommendations so you can focus on what matters.

Motiv ICT Security

Motiv ICT Security

Motiv is the ICT security specialist that provides public and private sector organisations with IT security solutions and services to prevent cybercrime, data theft and data breaches.

BlackFog

BlackFog

BlackFog is a leader in device data privacy, data security and ransomware prevention. Our behavioral analysis and anti data exfiltration technology stops hackers before they even get started.

R-Tech

R-Tech

R-Tech GmbH manages the digital start-up initiative, whose goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

Lancera

Lancera

Lancera provides growth accelerating Software Development, Web Presence and Cybersecurity Solutions with a focus on customer happiness.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.