WhatsApp and Facebook are sharing user data after all and it's legal

[Matrix]

AS WE hit the final hours before GDPR comes into effect, we thought it might be worth pointing out something that we have noticed may need clarifying.

You may recall that a couple of years ago, Facebook bought weak pun based messenger service Whats #App for an extortionate sum of money.

You may also recall that EU bosses as well as sovereign governments within, including the UK, repeatedly warned Facebook that it could not share data with WhatsApp.

 

Well. That's not actually quite right and it took GDPR to flag it up. Facebook and Whatsapp have both published new privacy policies and in accordance with their pledge not to share unless it was fully GDPR compliant, you may have assumed that meant "not at all". Oh no siree, Bob.

WhatsApp has been asking people to agree to the updated Privacy Policy at login. Amongst the changes is this paragraph:

"We work with third-party service providers and the Facebook Companies to help us operate, provide, improve, understand, customise, support, and market our Services. When we share information with third-party service providers and the Facebook Companies in this capacity, we require them to use your information on our behalf in accordance with our instructions and terms."

 

Now, this doesn't sound much like the "Privacy and Security is in our DNA" of recently departed founder Jan Koum. This already sounds a lot more like… well… Facebook talking.

So here's the deal.

"When you use third-party services or Facebook Company Products that are integrated with our Services, they may receive information about what you share with them. For example, if you use a data backup service integrated with our Services (like iCloud or Google Drive), they will receive information you share with them. If you interact with a third-party service linked through our Services, you may be providing information directly to such third party. Please note that when you use third-party services or Facebook Company Products, their own terms and privacy policies will govern your use of those services."

In simple terms - although the companies can't merge their databases, they can integrate products and if you choose to do that, information gets passed on. If it gets passed on, that data is bound by their security and privacy policies - and it's not WhatsApp's fault if they misuse it - after all - you've effectively given permission.

We're not saying this is a huge scandal that we've uncovered. In fact, WhatsApp actually has a completely different company (WhatsApp Ireland) that ensures that has an EU compliant terms of service.

What we're saying is that nothing is cut and dried, and if you're trying to cut back on your Facebook life but still love WhatsApp, then make sure you understand what you still could be sharing.

Oh - and all those GDPR Privacy Policies? Probably worth reading. Though we'll keep you posted if we spot any other ‘misunderstandings'.

 

WhatsApp has also pledged not to allow under-16s on the platform as part of its GDPR pledges. We're just not sure how they can enforce it. Children sometimes lie, you know.  µ

source