Restrain WhatsApp from implementing new privacy policy

New Delhi: In an affidavit submitted to the Delhi High Court on Friday, the Centre has said that the new privacy policy of WhatsApp is in violation of the information technology rules and the company could be stopped from implementing them till the final decision of the validity of the rules by the court.

The Ministry of Electronics and Information Technology made the statement in its affidavit filed in response to a petition challenging the new privacy policy of social networking platform WhatsApp.

The petitioners, Seema Singh, Meghan and Vikram Singh, have contended that the new privacy policy indicates the "fissures" in Indian data protection and privacy laws.

Under the new policy, users can either accept it or exit the app, but they cannot opt not to share their data with other Facebook-owned or third-party apps. A bench of Chief Justice D N Patel and Justice Jasmeet Singh listed the matter for further hearing on April 20.

The Centre, in its affidavit, said, "It is humbly prayed that in view of the above submissions, the Respondent No. 2 (WhatsApp) may be restrained from implementing its new privacy policy and terms of service dated January 4, 2021 from February 8, 2021 or any subsequent date pending adjudication by this court." The affidavit further said that the IT Rules impose a host of obligations on a company in relation to the security of the data collected by it in the course of its business.

"Notably, the Rules require a body corporate who collects, stores or otherwise deals with data to issue a privacy policy providing for certain safeguards, in addition to imposing various other obligations. The impugned Privacy policy violates the 2011 Rules..," it said.

The Centre said that the Supreme Court has placed a responsibility on the Centre to introduce a regime on data protection and privacy.

"The Union has discharged this obligation by introducing the Personal Data Protection Bill, 2019 in the Lok Sabha. Upon enactment, this law will provide a robust regime on data protection which will limit the ability of entities such as Respondent No. 2 issuing privacy policies which do not align with appropriate standards of security and data protection," the affidavit, filed through advocate Kirtiman Singh, said.