In February 2021, WhatsApp updated its privacy guidelines which brought about some significant changes in terms of its usage. The most significant change in the new policy is the declaration that WhatsApp would share information across the Facebook Network of Companies, i.e., Facebook, Instagram, etc. While it was optional previously, post 8th February 2021, it would become mandatory. After facing a backlash from users, WhatsApp has put the policy on hold till 15 May.
However, it does not mean that WhatsApp now can share your every data including messages, with Facebook and Instagram. WhatsApp continues to be a safer app than Facebook and Instagram who do not provide end-to-end encrypted chat services. It means that while using these apps, the message data is shared with a third party other than the sender and the receiver. However, with the policy change, interactions with businesses on WhatsApp, including messages, will be accessible across the Facebook network.
It is important to understand that WhatsApp will conduct significant data mining exercises in two branches: i) primary text messages sent to business accounts ii) metadata
Metadata, for our discussion, can be explained as almost everything about a message except for the ‘content’ of that message. This includes the user's location, IP address, profile picture, contacts, and WhatsApp statuses. Although WhatsApp still claims that it cannot access the user's contacts and location. It was a common practice used by Facebook ever since its inception. For example, you must have noticed that Facebook ads are always relevant to what you search on Google or online shopping sites. Besides, it also extracts keywords from messages and shows customized ads to the targeted audience.
Now on a more dangerous scale, details about users’ spending habits or location can help Facebook build an identity/personality profile helping them target advertisements from businesses like political consultancies or political parties. Facebook is alleged to play a similar role in the 2016 US elections, which led to the unexpected win of Donald Trump.
While India does not currently have a data protection law, Solicitor General Tushar Mehta appeared for the central government and told the Supreme Court that the right to privacy is a fundamental right and it cannot be infringed upon irrespective of whether there is a specific law for it or not. Currently, the usage and transfer of personal data of citizens are regulated by the Information Technology (IT) Rules, 2011, under the IT Act, 2000. The rules hold the companies using the data liable for compensating the individual, in case of any negligence in maintaining security standards while dealing with the data.
Also, a bill proposed earlier by the Srikrishna Committee stipulates under Section 5 that the usage of data/information must be reasonably linked to the purpose for which it was given. Under this proposed section, for example, data collected like financial information, location, or any other metadata on WhatsApp cannot be used by a different entity to target users with advertisements for associated businesses.
Under this proposed bill, the liability is on the businesses to ensure that the user’s consent with regards to the collection of data is fairly taken, and the collected data is used in a reasonable manner linked to its original purpose.
WhatsApp's new policy is of significant concern as India has the highest number of WhatsApp users globally with around 340 million people actively using it. It is followed by Brazil where the number of users is significantly less, around 60 million. In June 2020, the Center banned 59 Chinese apps over privacy concerns including some of the very popular apps like TikTok and PUBG. Following WhatsApp’s new guidelines, thousands of users have already switched on to other apps like Telegram and Signal which provide various features like disappearing messages, keeps user’s identities and contact numbers safe and no data is shared with third parties.
Following the severe backlash, WhatsApp tried to reassure its Indian users that changes in guidelines were meant to improve users’ experience on the app. However, the application post the changed guidelines remains to be seen.
 https://www.whatsapp.com/legal/updates/privacy-policy/?lang=en  Karmanya Singh Sareen v. Union of India  Max Schrems v. Data Protection Commissioner  Constituted under Ministry of Electronics and Information Technology  https://timesofindia.indiatimes.com/business/india-business/government-blocks-access-to-43-mobile-apps/articleshow/79389252.cms