The National Commission for Computing and Liberty is warning WhatsApp to comply with French law to transfer the data of its users to Facebook.
If Facebook is at its head, the Commission Nationale Informatique et Libertés (CNIL) is angry. The French authority responsible for the regulation of personal data has just recalled the order WhatsApp, bought in 2014 by Facebook. It asks the company and its parent company to comply with French law within three months, as regards the transmission of data between the application and the giant of the Web. The President and the two vice-presidents of the CNIL have “decided to make public this notice to ensure the highest level of transparency on the massive data transmission of a large number of users of WHATSAPP to FACEBOOK Inc. and thus alert to the need to put people in a position to keep control of their data, “explains the regulator in a communicated that we feel a bit angry. Facebook deemed uncooperative Facebook and WhatsApp have been harassing all European data regulators (the G29) and the European Commission since they decided to share the personal data of their users. Facebook, however, had guaranteed that it could not cross-check its information with that of the WhatsApp application when it was bought in 2014. Being mistaken, Brussels has sanctioned Facebook a fine of 110 million euros, while several investigations were launched by the group of European Cnil, the G29, to identify what was actually done with these data. One of them, led by the CNIL, found that WhatsApp did not respect the French law on data protection, despite several reminders to the order of the regulator. The CNIL claims to have repeatedly asked the company WhatsApp to send him samples of data transmitted to Facebook. “The company has indicated that it is unable to provide this information because, being installed in the United States, it considers itself subject only to the legislation of this country” the French regulator says. According to Article 21 of the Data Protection Act, Facebook is nevertheless obliged to cooperate with the authority to prove that it is in compliance on the transmission of data of French citizens. Investigations allowed the CNIL to determine that the data of the 10 million French users of Whatsapp had been sent to Facebook for security and business intelligence, but not for advertising purposes. Motifs “whose contours remain unclear,” says Isabelle Falque Pierrotin at the microphone of BFM Business. In addition to this lack of cooperation, Cnil found in its investigation several violations of the law on the consent of users to share their data. Nearly one-third of WhatsApp users said they did not want their data used for advertising purposes by Facebook Isabelle Falque Pierrotin recalls in her interview with BFM Business. According to the law, “the users must be able to oppose a purpose (…) while continuing to use the application”. WhatsApp, however, requires its users to share their data to Facebook or they will not be able to use the application. Another criticism of WhatsApp is the lack of clarity and legitimacy in the purpose of sharing data. Facebook claimed to collect the data for security purposes, advertising targeting or “business intelligence” (data analysis) but for CNIL, “the company WHATSAPP can not claim its legitimate interest in massively transferring data to FACEBOOK Inc. to the extent that this transmission is not accompanied by sufficient guarantees to preserve the interest or fundamental rights and freedoms of users. ” In Europe, privacy is thus considered an inalienable and non-transferable right against access to a service. A precedent with Google This formal notice is not a first. The CNIL had already delivered with WhatsApp in February 2016, for the same reasons . It also put Google on notice in 2013, following the company’s refusal to proceed with the dereferencing requested by European citizens. In 2016, this procedure eventually led to a penalty of 100,000 euros against Google . If the company does not comply with the formal notice within the time limit, “the President may appoint a rapporteur who will propose if necessary to the restricted training of the CNIL, responsible for repressing the breaches of the law, to impose a penalty “Says the regulator. The regulator can currently sentence up to a fine of 3 million euros, a derisory amount for Facebook. But CNIL also chairs the grouping of European data regulators , with whom she leads a coordinated action on the case of Facebook. His Belgian counterpart, the Commission for the Protection of Privacy (CPVP) has been fighting since October Facebook at the Brussels Court of First Instance as she accuses him of illegally collecting information about non-members of his community. The company is also the subject of several investigations from competition authorities in Europe. “Tomorrow, the new European legal framework will change the relationship between Europe and the United States,” adds Isabelle Falque Pierrotin to BFM Business. The General Data Protection Regulation ( RGPD ) will force Facebook to meet the demands of Europe if it wants to access its market of 500 million users.

Post Comment