The IT laws and rules in India are surprisingly evolving rather landscape swiftly. And in times of the ongoing pandemic, digital protection and privacy have become the need of the hour. Now WhatsApp has dragged the government of India to the court regarding the new IT laws. The company states that these rules will break its end-to-end encryption. These rules ask for a resident grievance officer, chief compliance officer as well as a nodal contact person for every social media platform. Moreover, it demands these platforms to report the number of user complaints and issues they receive and their steps in their resolution to submit every month. According to Reuters who have seen the court filing, WhatsApp has disputed that the Indian government has sought to transcend its legal powers by actioning such laws as to tracing messages which the company says is an invasion of their privacy and will sabotage their infamous ‘end-to-end encryption’ on text messages.
To add to that, these new IT rules order all the social media platforms to make room for the government to trace the origin of flagged messages. This will imply that messages that will be considered against the laws of the state will be able to get traced back to their point of origin. If we see properly, these new IT rules On one side, these new laws are somewhat tyrannical as they give the power to the Government of India to hold social media platforms accountable to delete posts and take down messages that are unacceptable or against the laws. On Friday, WhatsApp told the Delhi High Court that until the Personal Data Protection Bill comes into action, it will hold its updated privacy policies. On behalf of WhatsApp and Facebook, senior counsel Harish Salve informed the high court about this decision.
Also, Whatsapp Messenger informed the bench of Chief Justice DN Patel and Justice Jyoti Singh that the users who do not opt for its new privacy policy will not be limited to any functionality for the time being. “The government has asked to shut down the policy. We have said we will not enforce it till the data protection bill is passed. That is open-ended because we don’t know when the Bill is going to come out,” Harish Salve said in the High Court hearing. He further added, “We have said we will not do this [enforce policy] for a while. Suppose the Bill allows me to do it, we will have completely different ramifications.” Back in May, the Ministry of Electronics and Information Technology has warned WhatsApp of legal action if needed in order “to protect the sovereign rights” of the citizens of India, repeating itself that WhatsApp’s privacy policy modifications and the crude manner of presenting them are a threat to the sacrosanct values of informational privacy, data security as well as user choice for Indian users.
At that time, WhatsApp received a set of 14 questions from the Ministry asking to describe the ways it collected data, the kind of permissions and consents it obtained from users, and whether they were different from what it collected from users in other countries. Also, the Ministry asked WhatsApp if any profiling was done by it and the nature of it. Some days ago, the Delhi police visited Twitter’s Indian office to serve them a notice alleging them to connect with the “Congress toolkit” row where the rival party was deemed to spread falsified facts on Twitter in order to ruin the image of Prime Minister Narendra Modi and reprimanding how his government handled the pandemic in the country. Twitter flagged BJP spokesperson Sambit Patra’s tweets as “manipulated media” and Congress cleared that it wasn’t involved in any of this and slammed the media as corrupt and fake.
Obviously, the dominant party did not take it well and the Ministry of Electronics and Information Technology (MeitY) had written to Twitter to remove the tags. But the tweet still carries that tag and is not even removed from the platform even after Congress filed police complaints against the BJP. The government similarly pressed Twitter for other certain tweets that it deemed to spread fake information and criticized the ruling government. But even if the government here seems to be at fault, we shouldn’t forget that these social media platforms are not fighting to protect user data or maintain user privacy. Everyone is aware of the fact that user data is not at all private as these big companies scrutinize and watch over it in order to sell advertisements and manipulate us to spend more time.
There is yet another problem and it’s that global standards enforce a system for accountability and traceability for genuine cases of messages that could be viewed as an influence against the country’s integrity. The fact that WhatsApp is hellbent on presenting the new privacy policies that will let Facebook store the user data and share it with businesses for its own profit is proof enough that WhatsApp doesn’t care about end-to-end encryption when it comes to making some money. Back in January, the company initiated by spamming notifications and flat out threatening users with account deletion if they don’t follow the new policy, but then the Indian government convinced WhatsApp to stall these policies for now. A Facebook spokesperson told the media that it will maintain its stand on the new user policy until the forthcoming PDP (personal data protection) law comes into force.
Harish Salve stated that “We voluntarily agreed to put it (the privacy policy) on hold… we will not compel people to accept. The MeitY feels that WhatsApp’s privacy policy is against Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules 2011, but WhatsApp will anyway continue to display the update to its users. We replied to MeitY’s notice seeking a response, saying that WhatsApp will not limit functionality for some time and continue to show users the update.” He said that they will hold onto this until the Data Protection Bill comes into effect and acknowledged that they have put it on hold. The Delhi High Court court is currently hearing the appeal made by Facebook and its firm WhatsApp after the single-judge order turned them down for suspending the competition regulator Competition Commission of India’s (CCI) order directing a probe into WhatsApp’s new privacy policy.
Their counsel Harish Salve pointed out that there’s a difference between the challenge to the privacy policy and the challenge to CCI order for probe as most part of it concerns the privacy policy challenge. In June, the government had filed an affidavit in which it told the Court that WhatsApp is responsible for anti-users practices by obtaining ‘trick consent’ from users for its updated privacy policy. The Centre further complained that WhatsApp’s new policy is against the IT rules created by the government. WhatsApp’s spokesperson answered by saying, “We reiterate that we have already responded to the Government of India and assured them that the privacy of users remains our highest priority. As a reminder, the recent update does not change the privacy of people’s personal messages. Its purpose is to provide additional information about how people can interact with businesses if they choose to do so.”
He also said that WhatsApp does not intend to limit the functionality of its system for the next few weeks. Instead, they will remind their users from time to time regarding the updated policy especially when users select to use concerned advanced features such as communicating with a business that is receiving aid from Facebook. WhatsApp hopes that this new approach ensures the choice of its users to interact with a business. The company said that it will continue with this approach as long as the PDP Bill comes in between. Though WhatsApp has decided not to implement any limitations, for the time being, it is quite probable in the future as it stated that its current stance is only until the government of India acts on the Personal Data Protection (PDP) Bill. As a matter of fact, the PDP Bill will restrict all social media platforms and apps from collecting, processing as well as sharing personal and sensitive data of their users. But it doesn’t seem to come into action anytime sooner as the Indian government needs to scrutinize strict guidelines thoroughly.