Days after it was issued what is deemed to be the second-largest penalty under the GDPR in the EU, social media biggie and Facebook-subsidiary WhatsApp finds itself being slammed with a $235,000 fine by Turkey, on grounds of data breach. The country joins a host of other nations who have been coming down on the green colored messaging platform, accusing it of failing to protect user information.
No Choice But To Consent
This change has not settled well with a number of countries, who have alleged the firm of jeopardizing the safety and privacy of millions of users. Much like many of its counterparts, the Personal Data Protection Authority (KVKK) in Turkey had decided to launch an official examination into the issue, with special emphasis on the sharing of user data with foreign clients.
A Single Text Contract
During the probe, it was found that WhatsApp had been obtaining this so-called “explicit consent” by way of getting users to consent to the contract that is the Terms of Service (which is apparently considered a contract with the users). As such, it was concluded that a single explicit consent is obtained from users on the matter, with more optional rights being provided.
In other words, a single text, that is, the Terms of Service, contains clauses about the processing and transfer of data, hence damaging the “free-will disclosure,” by now allowing users to choose whether or not they want their data to be shared, even if they accept all the other terms.
Ireland had fined WhatsApp a sum of €225 million, while Moscow has banned both WhatsApp and Facebook, along with Twitter, last month, on grounds of failing to store the data of Russian users on locally-situated servers.