recommended reading

Feds to Facebook: Hands Off WhatsApp Data

Twin Design/Shutterstock.com

Facebook's proposed $19 billion dollar purchase of WhatsApp just got hit with its first dose of regulatory red tape.

The social-media giant must honor the prior "privacy obligations" that WhatsApp, a mobile chat client, had promised to its hundreds of millions of users before the deal was announced, the Federal Trade Commission notified both companies Thursday.

"WhatsApp's privacy policy clearly states, among other things, that users' information will not be used for advertising purposes or sold to a third party for commercial or marketing use without the users' consent," states the letter from Jessica Rich, director of FTC's consumer-protection bureau. "Facebook's purchase of WhatsApp would not nullify these promises, and WhatsApp and Facebook would continue to be bound by them."

Some privacy groups have expressed concern that Facebook, which relies heavily on collecting user data and selling it to advertisers, would breach assumed privacy protections that WhatsApp adopters believed they would be given when signing up with the internationally popular messaging platform. The Electronic Privacy Information Center and the Center for Digital Democracy filed a complaint with FTC last month objecting to the purchase on these grounds.

"The FTC is to be commended for sending a very strong signal that they will hold Facebook and Whatsapp accountable for their promises," Jeff Chester, the executive director of CDD, said in a statement responding to Thursday's announcement. "The commission's action has likely spoiled, for now, the plans Facebook has developed to turn its $19 billion into even more digital gold for themselves."

If Facebook wishes to use WhatsApp data in a way that extends beyond the existing privacy agreement, it must first earn "affirmative consent" from individual users before doing so.

"We're pleased the FTC has completed its review and cleared our acquisition of WhatsApp," a company spokeswoman said. "Naturally, both companies will continue to comply with all applicable laws after the transaction closes."

This isn't the first time that Facebook has tangled with FTC over privacy issues. In 2011, the company settled government charges that it had deceived its consumers and violated privacy agreements by changing privacy settings before earning consent.

"We want to make clear that, regardless of the acquisition, WhatsApp must continue to honor these promises to consumers," the letter continues. "Further, if the acquisition is completed and WhatsApp fails to honor these promises, both companies could be in violation of Section 5 of the Federal Trade Commission (FTC) Act and, potentially, the FTC's order against Facebook."

Facebook announced it had purchased the five-year-old WhatsApp, which boasts 450 million users and soaring growth rate of a million more each day, in February for a humongous price tag of $19 billion that shocked most observers, some of whom were unfamiliar with a messaging service that is far more popular overseas than it is in the United States.

(Image via Twin Design / Shutterstock.com )

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

    Download
  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

    Download
  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

    Download
  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

    Download

When you download a report, your information may be shared with the underwriters of that document.