The Information Regulator has asked for Facebook South Africa and WhatsApp LLC to appear in Parliament to answer questions about its new privacy policies set to take effect this month. The independent body, which falls under the Department of Justice, says there are substantial differences between the privacy policies for WhatsApp users living in Europe compared to those living in other parts of the world.
.On 15 May 2021, WhatsApp will require users to accept new terms and conditions for using the App. The Information Regulator (IR) said it had written to WhatsApp LLC and requested it to revise the privacy policy in South Africa to match it to the standard used in the European Union (EU).
“The IR has received no agreement from WhatsApp. Under the circumstances the Regulator is briefing attorneys to prepare an opinion on the way forward in terms of litigation,” the Rgulator said in a statement.
“It remains the Regulator’s assertion that the Protection of Personal Information Act (POPIA) has a privacy regime which is very similar to the EU regime, and therefore believes that WhatsApp should adopt the EU policy in South Africa, and other countries in the global south that have similar regimes.
“The IR remains of the view that despite WhatsApp operating in different legal and regulatory environments, there are effectively two privacy policies for the users of WhatsApp. There are substantial differences between the policies for users living in Europe compared to the one for users living outside of Europe.”
The Regulator said they intended to work together with other organisations in order to hold Facebook accountable. A history of their attempts to engage thus far were as follows:
- 8 May 2021 – the IR engaged the Global Privacy Assembly (GPA), of which it is a member. The IR asked the view of the GPA on the compliance of the Revised Policy with generally acceptable data protection principles; and whether it intends to engage WhatsApp on this matter.
- 9 April 2021 – The Reseau Africain Des Autorite De Protection Des Donness Personelles (RAPDP), an African Network of Data Protection Authorities of which South Africa is a member, engaged robustly with Facebook on the matter. The Network has made strong recommendations to WhatsApp requesting them to bring the WhatsApp privacy policy in line with Africa data protection laws. RAPDP emphasised that the privacy policy should be applicable to Africa in line with those applicable to other regions, particularly the European region.
- The IR has asked the Portfolio Committee on Justice and Correctional Services to request Facebook South Africa and WhatsApp LLC to appear in Parliament on this matter.
“We are obligated as the Regulator to ensure the protection of personal information of all South African citizens and monitor compliance of the POPIA by responsible parties. We therefore will take this matter further and seek legal opinions and advocate for collaborated efforts,” said Chairperson of the IR, Advocate Pansy Tlakula.