Days after it was issued what is deemed to be the second-largest penalty under the GDPR in the EU, social media biggie and Facebook-subsidiary WhatsApp finds itself being slammed with a $235,000 fine by Turkey, on grounds of data breach. The country joins a host of other nations who have been coming down on the green colored messaging platform, accusing it of failing to protect user information.
The fine is of 1,950,000 lira ($235,000) and has been imposed after the Turkish government and masses remained confused for months over whether or not WhatsApp’s controversial new privacy policy and data sharing rules had been introduced in the country.
No Choice But To Consent
For a little background, the messaging giant had announced earlier this year, changes for its Privacy Policy and Terms of Service, stating explicitly that users who rely on the app will have to grant it consent to share their personal information with third-parties, including parent company Facebook. Users who did not consent to this collection and sharing of data would not be allowed to use the app, and would have their accounts deleted.
This change has not settled well with a number of countries, who have alleged the firm of jeopardizing the safety and privacy of millions of users. Much like many of its counterparts, the Personal Data Protection Authority (KVKK) in Turkey had decided to launch an official examination into the issue, with special emphasis on the sharing of user data with foreign clients.
A Single Text Contract
During the probe, it was found that WhatsApp had been obtaining this so-called “explicit consent” by way of getting users to consent to the contract that is the Terms of Service (which is apparently considered a contract with the users). As such, it was concluded that a single explicit consent is obtained from users on the matter, with more optional rights being provided.
In other words, a single text, that is, the Terms of Service, contains clauses about the processing and transfer of data, hence damaging the “free-will disclosure,” by now allowing users to choose whether or not they want their data to be shared, even if they accept all the other terms.
Following Suit
Ireland had fined WhatsApp a sum of €225 million, while Moscow has banned both WhatsApp and Facebook, along with Twitter, last month, on grounds of failing to store the data of Russian users on locally-situated servers.
