WhatsApp agrees to full compliance with EU rules, including more user transparency and respecting user choices regarding contract updates.

Whatsapp has committed to full compliance with EU rules, giving users more transparency into changes in the platform’s terms of service and making it easier for users to reject updates that they may not want. This will include Whatsapp providing clear explanation when the rejection of certain terms will result in the user no longer being able to use the platform. Whatsapp has also confirmed that user’s personal data  would not be shared with other Meta companies, or third parties for advertising purposes. A recent press release from the European Commission outlines the commitments the company has made to ensure compliance and respect for its users.

Whatsapp has confirmed that the company does not gain profits from sharing users’ personal data. 

The Consumer Protection Cooperation (CPC), a network of authorities responsible for the enforcement of EU consumer protection laws first sent a letter to WhatsApp in January 2022, and subsequently in June 2022. The letters requested that Whatsapp clearly inform consumers  about its business model and, more specifically, whether WhatsApp draws revenue from commercial policies relating to users’ personal data. The CPC, the European Commission and Whatsapp had discussions which resulted in Whatsapp confirming that it does not derive profits from sharing users’ personal data for advertising purposes. The company also made various commitments to ensuring the achievement of full compliance with EU law. 

Whatsapp had agreed to specific commitments to ensure full compliance with EU rules.

With regard to the rollout of new updates, Whatsapp agrees to full compliance with EU rules by ensuring they follow the appropriate steps. This will include providing a full explanation to users of what changes it intends to make to its contracts and how these changes could affect the user’s rights. Whatsapp has also agreed to provide the option to reject the updated terms of service along with the option to accept them. More importantly, these options will be displayed to users with equal prominence and ease of selection, so as not to sway their judgment. The notifications informing users of any updates will provide the option to be dismissed so as to delay the review of those updates. Users will  also have the ability to opt out of receiving recurring notifications about the updates. 

Does your company have all of the mandated safeguards in place to ensure the safety of the personal data you collect or process? Aphaia can help. Aphaia also provides both GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing. We can help your company get on track towards full compliance. Contact us today.