The Hamburg Commissioner for Data Protection and Freedom of Information has issued an administrative order which prohibits Facebook with immediate effect from collecting and storing data of Germany's 35 million WhatsApp users. Facebook has also been ordered to delete any historic data in relation to German users which it has stored from WhatsApp.
Despite this acknowledgement from WhatsApp, the German data protection agency has stated that the sharing of data between the two platforms is 'misleading to their users and the public, but also constitutes an infringement of national data protection law'. Without any formal legal basis for accessing WhatsApp data or obtaining approval from the users of the app, Facebook will be prohibited from accessing data from the app.
What does this mean?
This decision poses a serious question for how businesses can advertise content and use user data from social media to inform and facilitate consumer marketing activities. Companies will have to ensure that security is adequate when using platforms such as Facebook and WhatsApp. Currently Facebook provides targeted advertisements in users newsfeeds, but under the German model, businesses would have little control over published commercial content or the value they would receive from this. This risk will remain 'one to watch' for businesses who want to use online advertising on social media platforms and potential future restrictions that made be imposed by the General Data Protection Regulation, which comes into force on 25 May 2018.