WhatsApp, a widely used instant messaging mobile application similar to Research in Motion’s BlackBerry Messenger, violates Canadian privacy laws and potentially puts user information in danger, according to Privacy commissioner Jennifer Stoddart.
A joint statement by commissioner’s office and the Dutch Data protection Authority said that in their coordinated investigations, they found The California-based WhatsApp Inc., contravened Canadian and Dutch privacy laws dealing with protection, retention and disclosure of personal data because WhatsApp forced users to provide access to their address book in order to use the app. The address book of WhatsApp users may contain information of people who do not even use the app.
The company has promised to change its policies, but both Canadian and Dutch authorities are not satisfied.
“Our office is very proud to mark an important world-first along with our Dutch counterparts, especially in the light of today’s increasing online, mobile and borderless world,” said Stoddart. “Our investigation has led to WhatsApp making a commitment to make further changes in order to better protect users’ personal information.”
WhatsApp and the world of universal messaging clients
Privacy policies need more than words: Cavoukian
“But we are not satisfied,” said Jacob Kohnstamm, chairman of the DDPA. “The investigation revealed that users of WatsApp - apart from iPhone users who have iOS 6 software – do not have a choice to use the app without granting access to their entire address book.”
“This lack of choice contravenes (Dutch and Canadian) privacy law,” said Kohnstamm.
The WatsApp Messenger, is a cross platform messaging service which allows individuals to exchange messages on their mobile phones through the Internet rather than by short message service (SMS). The app can be used on Apple’s iPhone, BlackBerry phones and Android phones. By some estimates, the app is said to transmit more than a billion messages each day worldwide.
From January to November last year, the Office of the Privacy Commissioner of Canada (OPC) investigated WhatsApp on grounds that the office had reasons to believe the California company was collecting, using , disclosing and retaining personal information in a manner contrary to Canada’s Personal Information Protection and Electronics Document Act (PIPEDA).
The violations found by subsequent Canadian and Dutch investigations found that: