“The regulator remains of the view that despite WhatsApp operating in different legal and regulatory environments, there are effectively two privacy policies for the users of WhatsApp. There are substantial differences between the policies for users living in Europe and for users outside Europe.
“Given Facebook’s status as one of the world’s largest companies, the regulator is of the view that it should work with other organisations to hold Facebook accountable,” the statement read.
Facebook owns WhatsApp and Instagram.
On May 8 the organisation engaged the Global Privacy Assembly (GPA), of which it is a member, to obtain the position of the GPA on the compliance of the revised policy with generally acceptable data protection principles and whether it intends to engage WhatsApp on this matter.
On April 9 the Reseau Africain Des Autorite De Protection Des Donness Personelles (RAPDP), an African network of data protection authorities, “engaged robustly” with Facebook on the matter.
The regulator has also asked the portfolio committee on justice and correctional services to request Facebook SA and WhatsApp LLC to appear in parliament on this matter.