Facebook has agreed to put a temporary block on its use of private WhatsApp user information in the U.K. following pressure from the country’s privacy watchdog.
The Information Commissioner’s Office (ICO) is now urging Facebook and WhatsApp to agree that they will better explain the nature of their data-sharing deal to customers before reinstating it. The watchdog adds there will be consequences if Facebook starts using the data without valid consent, including enforcement action such as fines.
Information Commissioner Elizabeth Denham said the following in her blog post regarding the ICO’s investigation into Facebook: “I had concerns that consumers weren’t being properly protected, and it’s fair to say the enquiries my team have made haven’t changed that view.” She continued: “I don’t think users have been given enough information about what Facebook plans to do with their information, and I don’t think WhatsApp has got valid consent from users to share the information. I also believe users should be given ongoing control over how their information is used, not just a 30-day window.”
WhatsApp promised it wouldn’t share its users’ messages for any purpose other than to seek assistance from Facebook in operating and providing its services. Critically, users were also given the option to opt out within 30 days. Despite its reassurances, the deal resulted in an inevitable backlash — mainly due to the fact that WhatsApp was viewed as having shed its long-touted standing as an independent platform. Concerns were also raised by a German governmental agency, and an EU advocacy group.
“These updates comply with applicable law, and follow the latest guidance from the U.K. Information Commissioner’s Office,” said a Facebook spokesperson in a statement. “We hope to continue our detailed conversations with the ICO and other data protection officials, and we remain open to working collaboratively to address their questions.”
It is unclear at this early stage how long the suspension will last. For her part, Denham claims the ICO will keep pushing the issue with the help of other agencies, including the Data Protection Commissioner for Ireland, which is notably where Facebook’s EU headquarters are based.