“Respect for your privacy is coded into our DNA. Since we started WhatsApp, we’ve aspired to build our Services with a set of strong privacy principles in mind,” the old privacy policy of social messaging service platform WhatsApp read.
The updated policy announced on January 4 does not have this introductory line, which along with a few other key policy changes have spooked people all over the world.
In India the updated terms have been gradually pushed to all the users. While accepting the changes is voluntary for now, it will only be so till the policy comes into effect from February 8.
Among the key changes in the new policy is the plethora of information that WhatsApp, a Facebook platform, will start to collect.
This includes hardware data such as battery level, signal strength, app version, browser information, mobile network, connection information (including phone number, mobile operator or ISP), language and time zone, IP address, device operations information, and identifiers (including those unique to Facebook company products associated with the same device or account). These were not part of the previous policy.
There are also changes in the policy related to location services. The social messaging platform said that even if users “do not use our location-related features, we use IP addresses and other information like phone number area codes to estimate your general location (e.g. city and country). We also use your location information for diagnostics and troubleshooting purposes.”
The policy also explicitly states that WhatsApp uses Facebook’s global infrastructure and data centres, including those in the US, to store user data, something that was not there in the past policies.
Another change is on how users interact with businesses on WhatsApp.
“When you message with a business on WhatsApp, keep in mind that the content you share may be visible to several people in that business. In addition, some businesses might be working with third-party service providers (which may include Facebook) to help manage their communications with their customers. For example, a business may give such third-party service provider access to its communications to send, store, read, manage, or otherwise process them for the business,” the new policy states.