After the joint recommendation issued on May 7th by the Administrative Council for Economic Defense (CADE), the National Data Protection Authority (ANDP), the Federal Public Ministry (MPF) and the National Consumer Secretariat (Senacon) on the new policy of privacy of the WhatsApp messaging application, the bodies, jointly or separately, held meetings with company representatives so that the measures they deem pertinent to the rights of the holders of users are effectively adopted.
At the beginning of the negotiation table, WhatsApp agreed to suspend, for 90 days, the deadline for acceptance of the privacy policy and defined that no user would have their account suspended or deleted during this period. Later, the company also informed that no user would have their account suspended or deleted even after 90 days.
Approximately three months after the recommendation, the company presented commitments to comply with several points of the recommendation and technical note issued by the National Data Protection Authority and technical details for its feasibility.
Regarding the technical points identified by the National Data Protection Authority ratified in the recommendation, WhatsApp communicated the fulfilment of points related to transparency and user accessibility in the first round of negotiations.
After a new technical note from National Data Protection Authority, WhatsApp signalled that it intends to attend to the other points; mainly theadjustment of the privacy policy to reflect transparency practices, in the formats it already performs for users in the European Union; update of terms on WhatsApp Business; preparation of the impact report, covering the treatment of data on children and adolescents; systematization of internal control mechanisms.
During this period, it is also important to mention that the understandings with the company advanced to facilitate access to the person in charge and the exercise of rights by the holder in a systematic evaluation by the bodies. The company has also committed to developing educational materials for data holders on the safe use of the application.
Due to the complexity of some points, WhatsApp will present to the bodies the proof of evolutions until next August 31st. Afterwards, a company meeting will be with the four bodies to analyze these points and define the next steps.
The experience of this negotiating table reaffirms the value of the interinstitutional cooperation effort between CADE, National Data Protection Authority, Federal Public Ministry and the National Consumer Secretariat, whose main objective is the protection of consumer rights, privacy and personal data, guaranteeing free competition and order economic and the defence of diffuse and collective rights, in a coordinated, harmonious and integrated manner.
Source: CADE website
