Facebook, already under scrutiny in the United States and the European Union for revisions to privacy policies for its WhatsApp messaging service, has been ordered by Hamburg’s privacy regulator to stop processing data of German users of the chat service.
In a renewed clash with the social-network operator, Johannes Caspar, one of Germany’s most outspoken data protection commissioners, ordered Facebook to delete any data it already has. The news comes as EU privacy regulators, who previously expressed concerns about the policy shift, meet in Brussels to discuss their position. There is no legal basis for Facebook to use information of WhatsApp customers, Mr Caspar said Tuesday.
“This order protects the data of about 35 million WhatsApp users in Germany,” he said. “It has to be their decision as to whether they want to connect their account with Facebook. Therefore, Facebook has to ask for their permission in advance. This has not happened.” The Hamburg authority claims jurisdiction over the company’s German activities because Facebook’s national unit is based in the area.
Mr Caspar has been fighting with Facebook for years over how the California-based technology juggernaut applies European data-protection rules. Facebook has argued that only the regulator in Ireland, where it has its European base, has jurisdiction over any such decisions. Germany’s top administrative court earlier this year sought the EU top court’s view on which law applies in these cases.
Facebook said it complies with EU data protection law and is “open to working with” the Hamburg authority in an effort to address its questions and “resolve any concerns”.
In June, Mr Caspar’s office lost an appeal in a fight with Facebook over pseudonyms, with a German court saying it remains unclear whether the Hamburg watchdog can regulate Facebook.
The social network said last month it would start using data from its messaging app to allow advertisers to better target those users on Facebook and Instagram, in addition to allowing businesses to send messages to WhatsApp users directly.
The move raised concerns with several European regulators. The policy shift may help WhatsApp generate revenue, but also could irk users drawn to its strong stance on privacy.
Mr Caspar said last month this could “just be the beginning” of a mass data exchange between the two companies. Privacy commissioners from the 28-nation EU confirmed they will discuss the US companies’ plans at their scheduled meeting in Brussels this week.
Mr Caspar rejects arguments that WhatsApp has no European base, or Facebook’s claims that only Irish law applies in its case. He is relying on recent decisions by EU courts over jurisdiction issues involving US technology companies.
The US federal trade commission is also reviewing a joint complaint from two consumer privacy groups filed in August claiming that Facebook’s move violates US federal law banning unfair and deceptive practices.
WhatsApp said in an August blog post that its users’ “encrypted messages stay private and no one else can read them. Not WhatsApp, not Facebook, nor anyone else” and that it “won’t post or share your WhatsApp number with others, including on Facebook, and we still won’t sell, share, or give your phone number to advertisers”.
The changes will connect users’ phone numbers with Facebook’s systems and allow it to “offer better friend suggestions and show you more relevant ads if you have an account with them”, according to the blog post. The new policy will also allow businesses to send messages to users, including appointment reminders, delivery and shipping notifications and marketing pitches.
business@thenational.ae
Follow The National's Business section on Twitter
