- Meta’s WhatsApp has appealed the $220 million fine imposed by the Federal Competition and Consumer Protection Commission (FCCPC), presenting 22 arguments for a review.
- This comes after the FCCPC accused Meta of violating Nigerian data protection laws by enforcing exploitative and non-compliant privacy practices, including excessive data collection that could lead to device fingerprinting.
- The investigation found that such practices were not used in Meta's European operations, suggesting discriminatory treatment of Nigerian users.
WhatsApp argues that the FCCPC’s fine is unjustified, citing procedural errors in the investigation and impractical, legally unsound demands. It also cites several key issues:
- Vagueness of FCCPC’s directive: WhatsApp claims the FCCPC’s directive on data use is unreasonably vague and lacks a solid legal basis.
- Operational burden: The company asserts that the FCCPC did not account for the operational complexities and burdens of implementing the demands.
- Updated privacy policy: WhatsApp has updated its privacy policy to grant Nigerian users greater control, and suggests an opt-out option instead of the FCCPC’s demands.
- Legal requirements: It argues that Nigerian law does not mandate prior approval of privacy policies from the NDPC or any other agency.
- Data sharing restrictions: The company asserts it cannot stop sharing user information as per FCCPC instructions.
- Inapplicability of 2016 policy: WhatsApp contends there is no basis to revert to a 2016 data sharing policy.
- No user threats: The platform denies having created any threats to Nigerian users, questioning the need for written assurances.
- Data transfer blockage: There is confusion over the blockage of data transfer to Facebook.
- Investigation costs: WhatsApp refuses to pay the investigation costs, citing no legal requirement to do so.
- Implementation delays: The company argues that remedy packages for Nigerian users would take time to implement.
- Penalty calculation: The FCCPC has not clarified how the penalty amount was calculated.
- Consent mechanisms: Building data-consent mechanisms is deemed impractical and costly.
- Approval process: The FCCPC cannot compel WhatsApp to obtain approval from the Commission or National Data Protection Commission (NDPC) before publishing privacy policies.
- Invalid order: WhatsApp disputes the validity of the order due to procedural errors and lack of executive signature.
- Lack of fair hearing: The company claims it was not given a fair hearing on the matter.
- Parent company liability: WhatsApp argues that Meta, the parent company, should not be held liable based on the submitted evidence.
- No physical presence: The absence of a physical presence in Nigeria is cited as a reason for not requiring an audit.
- No coercion: There is no record of coercion of users.
- Formal procedure: The investigation did not follow formal procedures.
- Challenge to final order: WhatsApp and Meta believe the FCCPC’s final order is unreasonable and unsupported by proper evidence.
WhatsApp asserts that Nigerian users were not coerced into accepting service terms and could opt out if desired, contrary to FCCPC claims. The company argues that it has not harmed Nigerian users' interests and does not need to provide a written assurance of rights compliance.
Additionally, WhatsApp contends that the FCCPC did not grant a fair hearing before imposing the fine, which lacks clarity on its calculation and was issued without the Executive Vice-Chairman’s signature.
Despite these issues, WhatsApp’s responses remain largely in denial, indicating ongoing disputes between the FCCPC and Meta.
Read: 3 reasons why WhatsApp will not leave Nigeria