Italian probe on WhatsApp for compelling users to share personal data with Facebook

02 Nov 2016

Italian antitrust watchdog said Friday that it had opened a probe into whether messaging service WhatsApp obliged users to agree to sharing personal data with its parent company Facebook and imposed "unfair" conditions on users (See: WhatsApp to start giving user data to parent Facebook ).

In August WhatsApp had said it intended to start sharing phone numbers with the social network, which led European regulators to say they would put the matter under close scrutiny.

The Italian agency will investigate whether the WhatsApp application had implied any service discontinuation unless users agreed to terms and conditions including the sharing of personal data.

It would also look into WhatsApp's terms of use including only the provider having the right to terminate the agreement, and "unjustified" interruptions to service.

WhatsApp had been warned by European privacy watchdogs over sharing user information with parent company Facebook. They had also cautioned Yahoo over a 2014 data breach and scanning of customer emails for US intelligence purposes.

European regulators had flagged the popular messaging service change in privacy policy recently that would allow it to start sharing users' phone numbers with Facebook, the first policy change since the acquisition of WhatsApp by Facebook in 2014.

The independent body, which included the EU's 28 data protection authorities said in a statement that it had requested WhatsApp to stop sharing users' data with Facebook to avoid falling foul of the EU data protection law. (Also see: German regulator bars Facebook from collecting data of WhatsApp users )

Under the messaging service's new policy it would be able to share user information with Facebook for purposes that were not included in the terms of service when users signed up.

The body, known as the Article 29 Working Party (WP29), said that it was of ''the utmost importance'' that the company communicate ''all the available information''.

''This includes not only but specifically information on the exact categories of data (eg names, telephone numbers, email, postal address, etc) and the source of such (eg data from the users' phones or data already stored on company servers) as well as a list of recipients of the data and the effects of the data transfer on the users and potential third persons.'' (European regulators question US tech companies over privacy issues)