Site navigation

Facebook to Access WhatsApp User Data – Except in Europe

Michael Behr


WhatsApp Social app firm WhatsApp has been fined for abusing privacy legislation after supposedly hiding how its data sharing practices.

Users in Europe and the UK will escape the new privacy policy, which has been criticised for undermining the service’s data protection credentials.

New rules mean WhatsApp users will be required to share information with the messenger’s parent company, Facebook, to keep using the service.

However, the company has said that these new data-sharing changes will not apply to EU or UK users. Instead, a different policy that lacks the new data-sharing terms will apply.

The new privacy policy will take effect from February 8. A pop-up notice warns users that they will need to accept the new terms – those who do not want to will need to delete their app.

Previously, WhatsApp allowed users to opt-out of sharing their data, a policy which stopped Facebook using the information to inform its targeted ad features.

Even if the opt-out were enabled, WhatsApp could still share data for operating purposes. In addition, users had to opt-out within the first 30 days of activating the messenger.

At present, WhatsApp collects and shares a range of data from its users, including name and phone numbers, the location of the user’s internet connection and financial transactions made over WhatsApp, along with contacts and status updates.

The messages themselves will still be encrypted, so neither WhatsApp nor Facebook can read the information they contain.

The new privacy policy notes that data can be shared with other Facebook companies in order to personalise advertising, among a variety of other reasons.

However, these new changes do not appear in the European version of the update document. Facebook later confirmed that the rules will not apply in the EU, EEA, or the UK.

“For the avoidance of any doubt, it is still the case that WhatsApp does not share European region WhatsApp user data with Facebook for the purpose of Facebook using this data to improve its products or advertisements,” a spokesperson for Facebook stated.

Facebook has said that it does not use WhatsApp data for this purpose due to its ongoing negotiations with European Data Protection organisations.


One of WhatsApp’s primary selling points is its use of end-to-end encryption, one of the most robust forms of encryption available. This involves messages being encrypted at the point or departure and only being decrypted when they arrive with the recipient. Unlike other services, the messages are not decrypted and re-encrypted during transit, meaning they cannot be read by the service provider, who could pass on the information to third parties.

As such, WhatsApp is popular with users who are concerned with how companies treat their private data.

On the back of the new privacy policy, Elon Musk took to Twitter to recommend that people use alternative messenger service, Signal.

Like WhatsApp, Signal uses end-to-end encryption to protect users’ messages and is owned by the non-profit Signal Foundation.

With the backing of Musk, Signal Tweeted that new signups to the service will be delayed due to the number of new users trying to join the messenger.

Facebook has been at the centre of various data controversies over the past few years. The transfer of data by Facebook from the EU to the US was the impetus behind the two Schrems cases, which invalidated previous legal frameworks Safe Harbour and Privacy Shield.

The cases, brought by Austrian privacy activist Maximillian Schrems, argued that Facebook failed to provide adequate data protections in the US compared to the EU under GDPR.

Michael Behr

Senior Staff Writer

Latest News

Data Protection Editor's Picks
Digital Transformation Events
Cybersecurity Editor's Picks
%d bloggers like this: