In the few short days since its unveiling, WhatsApp’s updated Privacy Policy has provoked widespread backlash, including a request from the Indian government to withdraw the changes entirely.
In the few short days since its unveiling, WhatsApp’s updated Privacy Policy has provoked widespread backlash, including a request from the Indian government to withdraw the changes entirely.
In short, the change describes how users’ data – including device type, general location, and language – would be shared with Facebook, which acquired WhatsApp back in 2014 and appears keen to use the platform for future data-driven e-commerce initiatives.
A handful of in-depth recaps explain the changes in greater detail, like this overview from Gizmodo. However, one of the most concerning impacts of this development is not so much a particular policy change but rather the trend it illustrates: for users in the United States and other countries lacking strong privacy regulation, their data protection is left to individual companies’ policies. Without federal laws to guarantee a legal baseline for users’ privacy protection, companies must intentionally enact a long-run commitment to informing users of how the processing of their data could evolve over time. Later in this piece, we’ll share a few recommendations on how this can be done.
Unpacking the fallout from the updated WhatsApp policy and charting more effective privacy initiatives require a commitment to delivering relevant information to users in an accessible way. Maintaining user loyalty is hard. It becomes significantly harder when the data relationship between user and platform is modified without transparent communication, and ultimately, respect for the end-user’s position. From WhatsApp’s case, there are plenty of lessons to be gleaned on how that relationship should be managed. In short: unclear communication creates confusion, which rapidly snowballs when there is no legal framework that guarantees users’ privacy protections. In the absence of such laws, millions of WhatsApp users around the world are understandably concerned.
These concerns undercut trust in a business like WhatsApp. And trust in businesses is a massive factor in consumers’ behavior: 89% of consumers express concerns about the protection of their personal information, and 75% of shoppers will prioritize brand trust over price when purchasing a product
Privacy policies, never having been considered light reading, have actually become over 25% longer and measurably more difficult to read since the enactment of GDPR, in a survey of some of the largest tech platforms. Considering that these opaque policies also apply to those not afforded GDPR protections, businesses must do better to inform users of their privacy protections.
Trust in a brand is cumulative and gradual. In the absence of a federal privacy law (though one might be not far off in the United States), businesses must prioritize user privacy as a long-term commitment. Updates to privacy policies are often healthy and necessary. Following these three recommendations can reduce the risk that you catch users by surprise and help you grow your customers’ trust.
Ethyca’s CEO Cillian Kieran explains the significance of the team’s CIP certified patches.
Learn more about all of the updates on the Fides 2.20 release here.
Ethyca’s Principal Product Manager Rachel Silver takes you through the privacy intelligence dictionary Fides Compass, and shows how it makes data mapping, consent, and compliance faster and easier than ever.
Fides Compass provides deep intelligence about commonly used third-party vendors to automate data mapping and consent, getting you to a state of global privacy compliance quickly. Learn everything about what Fides Compass does, and how, in this blog post.
Our web developer, Suchi Natarajan, breaks down the Global Privacy Control (GPC) and how to comply with it.
Our VP of Sales, James Frey, breaks down how Ethyca’s privacy solutions bridge the silos between legal and engineering teams.
Our team of data privacy devotees would love to show you how Ethyca helps engineers deploy CCPA, GDPR, and LGPD privacy compliance deep into business systems. Let’s chat!
Request a Demo