In January 2021, WhatsApp announced that it would be altering its privacy terms to share data with Facebook causing panic among WhatsApp users. Users that want to continue using WhatsApp’s services have no choice but to agree to these new privacy terms. WhatsApp is a messaging platform used globally as an alternative to normal SMS or device-specific texting platforms such as iMessage or BBM, hence the hysteria causing millions of users to flee to alternative platforms such as Signal and Telegram. Much of the concern over these new privacy terms is due to a lack of understanding from the general public regarding privacy laws, particularly in relation to the internet and social media. Many people were under the impression that the content which they shared on WhatsApp at face-value such as text messages, media and status’ will now be shared and posted on Facebook as well. The contrary is true, it is the information and data gathered internally that will be shared with Facebook.
The concern raised by WhatsApp users indicates that people would like to protect their privacy as much as possible in the digital age. In South Arica, the Constitution of the Republic of South Africa, 1996 guarantees everyone the right to privacy which includes the right not to have the privacy of their communications infringed. The Protection of Personal Information Act 4 of 2013 (POPIA) is the main regulatory body of relevance in this regard. POPIA sets conditions explaining when it is lawful for someone’s personal information to be processed and places legal obligations on the person or organisation processing such information to do so with the highest regard. These standards include-
- Accountability. Being held responsible for ensuring compliance.
- Processing limitation. Collect only the necessary information.
- Purpose specification. Define the scope of the information being processed in relation to a specific purpose.
- Prohibition on passing information. Information cannot be sold or passed on unless there is compatibility with the original purpose.
- Information quality. The information processed must be correct, complete and accurate.
- Openness. The person must be notified that such information is being collected.
- Security safeguards. Implement and maintain measures to secure the integrity of the information.
- Participation. A person whose information is being processing must be able to access, view and correct the information held.
POPIA came into effect on 1 July 2020 and organisations have until 1 July 2021 to comply.
In the digital age, it is important to not get ‘caught up in the hype’ which can be difficult since information spreads quickly. It is noteworthy that each and every social media platform has its downfalls. Users must do their best to protect their privacy by choosing to implement privacy settings to their social media accounts. Luckily, South Africa has adopted the POPIA to aid regulation in this regard.
About the author: Caitlin Naidoo, The Centurion Law Group