The new policy, which came into force on May 15th this year, grants WhatsApp the right to share users’ data with Facebook and its companies.
The new policy also allows Whatsapp users the liberty to decide whether to give out consent to processing of their data.
According to a statement on Tuesday by NITDA Head of Corporate Affairs and External Relations Hadiza Umar, data to be collected and shared would include: account information; messages (including undelivered messages, media forwarding); connections; status information; transactions and payments data; usage and log information; device and connection information; location information; and cookies.
Others were: battery level; signal strength; app version; browser information; mobile network; connection information (including phone number, mobile operator or ISP), language and time zone; Internet Protocol address; device operations information and social media identifiers.
Although Facebook, in response to inquires by NITDA on the new policy, had confirmed that private messages shared on WhatsApp consumer version were encrypted and not seen by the company, the metadata (data about the usage of the service), which are also personal information, would be shared with other members of the its subsidiaries.
These data, according to Facebook, would be shared with its companies to further enhance, “operate, provide, improve, understand, customize, support, and market our services and their offerings, including the Facebook Company Products.”
NITDA, however, called on Nigerians to limit the sharing of sensitive personal information on private messaging and social media platforms as the initial promise of privacy and security was now being overridden on the basis of business exigency.
“Nigerians may wish to note that there are other available platforms with similar functionalities which they may wish to explore. Choice of platform should consider data sharing practices, privacy, ease of use among others.”
According to the statement, NITDA noted that it was engaging with Facebook to find a better way of protecting the data of Nigerians.
“We have given them our opinion on areas to improve compliance with the Nigeria Data Protection Regulation (NDPR). We have also raised concerns as to the marked difference between the privacy standard applicable in Europe, under the GDPR and the rest of the world.
“Given the foregoing and other emerging issues around international technology companies, NITDA, with stakeholders, is exploring all options to ensure Nigerians do not become victims of digital colonialism. Our national security, dignity and individual privacy are cherished considerations we must not lose.”
It added that it would work with the Federal Ministry of Communications and Digital Economy to organise a hackathon for Nigerians to pitch solutions that could provide services offering functional alternatives to existing global social platforms.