India's Competition Commission (CCI) Imposes Hefty Fine on Meta for Whats App Privacy Practices

Written By Christina Gagnier

The Recap

In a landmark decision, India's Competition Commission (CCI) has imposed a hefty fine of INR 2.13 billion (approximately USD 25 million) on Meta, the parent company of WhatsApp, for anti-competitive practices related to the messaging platform’s 2021 privacy policy update. The CCI found that WhatsApp's updated policy unfairly leveraged its dominance in the market to compel users to share personal data with Meta's other services, like Facebook, in violation of India’s competition law.

The 2021 privacy policy update introduced significant changes, requiring WhatsApp users to accept the sharing of their data with Meta for enhanced business services, like targeted advertising. Although WhatsApp argued that the new policy was essential for improving user experience and services, the CCI concluded that it had abused its dominant position to unfairly influence users’ consent.

The fine was imposed under Section 27 of the Competition Act, 2002, which prohibits anti-competitive conduct, including the abuse of a dominant position. The CCI's decision highlights increasing scrutiny of tech giants' data practices in India, especially around privacy and consumer rights. Meta now has the option to appeal the ruling.

The Game Plan

Our thoughts for your business to contemplate?

This penalty comes amid growing global concerns over data privacy, consumer protection, and the dominance of big tech companies. With India being one of the largest markets for WhatsApp, this decision serves as a cautionary tale for global companies operating in regions with strict regulatory environments. Meta’s WhatsApp faces continued pressure to revise its data-sharing practices to align with local laws and international privacy standards.

This ruling adds to the ongoing global regulatory scrutiny of Meta, as the company faces growing legal challenges over its data practices in various jurisdictions, marking an important step in India's push for greater accountability in the tech industry.

  1. Make sure you do an audit of what jurisdictions your business may be operating within and what where your customers/consumers are located.

  2. Even if you are B2B, be aware of where you are selling products and services and collecting personal information.

Need Help?

Tap in Three-Point Law by emailing consult@threepointlaw.com.

Christina Gagnier
Previous

California Privacy Protection Agency Reaches Settlements for Failing to Register with Agency
Next

Data Privacy Laws are Emerging in Africa - Botswana’s New Law