Why Facebook's app integration ploy throws fresh challenges for regulators

Illustration: Ajay Mohanty
Facebook is in the process of integrating the technology behind its messaging applications — Facebook Messenger, WhatsApp, and Instagram Direct, The New York Times reported last month. The news report flagged off concerns over privacy, as well as competition. 

In the Indian context, there has been an increased focus on social media platforms owing to issues of fake news leading to mob violence and biases based on political leanings. The Union government has sought to bring in new rules making intermediaries like social media platforms more liable in actively blocking content. The draft rules were open for comments till January 31, 2019. 

Experts said that in terms of privacy, and competition in specific, technical integration of this nature would have several repercussions. 

Bigger, not better

Technical integration of messaging applications of the companies owned by Facebook will mean combining their global user base of 2.6 billion. In India, there are over 200 million monthly active users on WhatsApp alone. With interoperability and the ability to reach out to others across different applications, Facebook will have an immense user base not just in India, but also globally.  At present, the three messaging applications are separate, and users of each application can only communicate with those present on that specific platform. The integration, however, will lead to increased network effects, said Smriti Parsheera, consultant at the National Institute of Public Finance and Policy. 

For instance, new users of WhatsApp platform are attracted to the service because of the large number of existing users, while the existing users benefit from the addition of each new user. “The proposed merger will extend these network effects across the Facebook group with resulting implications for competition in the market,” she said.

Implications on competition

India’s existing merger control norms may not apply to the proposed merger of the technical infrastructure of Facebook Messenger, WhatsApp, and Instagram Direct. “They may escape merger control scrutiny given their negligible/low turnover from India,” said Nisha Kaur Uberoi, partner & national head of competition law practice at Trilegal. “The Competition Commission of India (CCI) can still initiate an investigation against the combined entity for potential abuse of dominant position,” she added.

Parsheera agreed, highlighting that even the CCI had found WhatsApp to be a dominant player in the consumer communications apps market in a 2016 order. “Besides increasing entry barriers, this raises other issues of abuse of dominance, such as imposing unfair terms on users, particularly in terms of data collection, use and sharing policies,” she said.

As an intersection between competition and privacy, the question whether the CCI should be a privacy watchdog is an ongoing debate, said Avirup Bose, associate professor of competition law, Jindal Global Law School. “How data can be potentially used to gain a significant share of the digital market is a competition concern and should be addressed by the CCI,” he said.

Data protection and privacy 

Privacy harm is another major issue where such integration will have an impact, especially if the government seeks information on individuals. “It is like a single master key to all personal data. If all data is integrated, and the government asks for information from any source, it leads to a system of mass surveillance across the country,” said Apar Gupta, executive director, Internet Freedom Foundation. 

Even with end-to-end encryption, as with WhatsApp, a lot can be gleaned from the metadata, which is accessible, Parsheera said. This level of aggregation leads to deeper insight and personal profiling, Gupta said. 

Experts pointed out the regulatory system on protecting data and privacy of users is severely limited at present. Gupta noted there was an immense regulatory gap owing to the absence of an expert body in the nature of a Data Protection Authority or Privacy Commissioner’s Office with statutory powers to call for information and implement substantive safeguards. 

“The substantive elements of data protection and informational privacy are also not fleshed out in the statute,” Gupta said.

Making it accountable

Proposed measures in draft Regulations 2018 (in addition to the 2011 Rules)

The Information Technology [Intermediaries Guidelines (Amendment) Rules] 2018 

  • Intermediaries to introduce automated technology to proactively identify and remove public access to ‘unlawful information or content’
  • An intermediary with over 5 million users to be a company incorporated in India with a registered office and nodal person of contact
  • The intermediary will be required to provide ‘information and assistance’ to the requisite government agency based on a ‘lawful order’

Implications

  • No change in the broad definition of intermediary. Does not differentiate between different online services like search engines, social media platforms, messaging applications, online payment portals, etc
  • Automated blocking causes inordinate curbs on speech
  • A requirement of 5 million users covers most bigger social media platforms, that are largely US-based and may not register companies here 
  • No definition of a ‘lawful order’



Business Standard is now on Telegram.
For insightful reports and views on business, markets, politics and other issues, subscribe to our official Telegram channel