Share photos, forward screenshots of other people’s conversations or include someone in a group of WhatsApp without permission is illegal behavioras experts from the Open University of Catalonia (UOC) recalled on the occasion of today’s celebration of the WhatsApp 13th Anniversary.
Experts remind that the Data Protection Act also applies to WhatsApp messages and that their infraction can be reported, although they admit that there are thousands of users who are unaware of these infractions and forwarding photos or conversations without permission is common.
The WhatsApp social network was created on February 24, 2009 by the Ukrainian nationalized American Jan Koum and currently has more than 2 billion users worldwideof which some 32 million correspond to Spain, where 84% of its users state that they communicate through this social network several times a day.
According to the UOC, it is estimated that currently more than 100,000 million messages a day on WhatsAppmany of which violate laws such as Data Protection or Intellectual Property.
Send screenshots of another person without their consent
Although data protection regulations do not affect the personal or domestic context, they do apply when data is disseminated over the internet, either openly or to a large number of recipients. Keep in mind that the screenshots display conversations that can directly or indirectly identify a person, which could lead to a data protection violation.
The regulations in this area apply not only to identified data —such as name and surname, ID or telephone number—, but also to identifiable data, that is to say, to those that allow us to know who is behind the conversation without making a disproportionate effort. The reality is that, in most cases, the dissemination of screenshots of WhatsApp conversations, whether through groups or other social networks, makes it relatively easy to identify the participants thanks to the context information, their names in the chat or even the data exposed in the conversation itself. In addition to the data protection violation, depending on the type of conversation, the affected people could claim a compensation for damages, for a possible injury to their right to honor or privacy. Likewise, in the most serious cases, if a private conversation of third parties is broadcast, a crime of Discovery and disclosure of secrets.
Disseminate images, audios or videos of a third person without their consent
The Spanish Agency for Data Protection has imposed economic sanctions on individuals in different circumstances for disseminating audiovisual content of third parties without their permission. For example, for recording a police action and broadcasting it without hiding any data or, in more serious cases, for sharing intimate photos of a third person. In addition, the affected person could claim compensation for damages, for a possible injury to their right to honor, privacy or their own image. In the most serious cases, as happens with screenshots, if private photographs, videos or audios of third parties are disseminated, a crime of discovery and disclosure of secrets could be incurred.
Create a professional WhatsApp group without asking for authorization
The creation of WhatsApp groups is also not outside the data protection regulations. In fact, to add a person in a professional WhatsApp group it is necessary to ask for prior consent. Recently, the Spanish Data Protection Agency imposed a sanction on a sports club that had created a WhatsApp group and added a former member.
Create a corporate WhatsApp group with members who do not know each other
This behavior can be compared to sending an email without a blind copy. The Catalan Data Protection Authority (APDCAT) has recently sanctioned a city council for creating a WhatsApp group with citizens, despite having previously asked for their consent. The reason is that, by adding these contacts, there is data that is inevitably exposed – such as the photo, name, surname or mobile phone number – and this violates confidentiality. In this case, when it comes to a corporate group with members who do not know each other, a distribution list should be chosen, instead of a group, since the list allows the sending of individual messages without exposing third party data.
–
