The scathing remarks of the Supreme Court against the Meta-owned messaging platform WhatsApp with regard to its data-sharing practices, which violate the right to privacy of users, are part of a growing narrative against global technology companies. The Bench of Chief Justice Surya Kant and Justices Joymalya Bagchi and VM Pancholi gave an unequivocal warning and threatened to dismiss the appeal if the company fails to give an undertaking that it would not share user information. Meta had come up with a controversial privacy policy in 2021, which deprived users of the option of not allowing the company to share certain user information. In an earlier version of the policy, users could opt out of data sharing for advertising. This was construed as an anti-competitive practice as it evidently abuses market dominance and deprives users unhappy with its policy of switching to alternative platforms. The Competition Commission of India penalised the company, and the National Company Law Appellate Tribunal upheld the CCI order.
If one were to examine the remarks made by the court, it would be evident that the Bench viewed the policy not only as an anti-competitive policy but, more significantly, as a “theft” of private information, as “playing” with the right to privacy and as “making a mockery of the Constitution”. Secondly, the court rightly felt that a common user was deprived of the option to say no or exercise an alternative choice, and the framing of the policy in complex and dense language did not equip users with the knowledge and understanding needed to give consent. Not just Meta, almost every platform and application deliberately uses complex legalistic language so that users cannot understand the full import and implications of what they are consenting to. These companies adopt a set of tactics known as “dark patterns”, take gullible users for a ride and make them accept terms that often benefit the platform and go against consumer interests.
The country’s Digital Personal Data Protection (DPDP) Act, 2023, does address some issues relating to WhatsApp, namely a mandatory opt-out option and "SARAL" (Simple, Accessible, Rational, and Actionable) consent notices in plain language. But platforms were given time till May 2027 for phased implementation. The court also highlighted the serious lacuna in India’s DPDP, which, unlike the European Union’s data regulations, does not address the issue of the “value” of data.
The fiery and angry outbursts and the fire-and-brimstone threats against global technology giants sound hollow if one notes how deeply these companies are embedded in India’s digital system and how the ruling establishment itself has exploited these platforms for political gains. The powers that be and technology companies have shared a cosy, mutually beneficial equation, and both are adept at accommodating each other’s interests. The companies accept content “regulation” policies and entertain government requests with initial hesitation and mild protest, and in return, they are allowed to monetise and thrive in one of the world’s largest and most digitised markets. At best, such cases can be viewed as tactical measures to exert pressure and secure limited, pragmatic results.