The company was awaiting clarification from the Reserve Bank of India on data storage before it took a final call on data localisation.
Even as speculation continues around the launch of WhatsApp Payments in India, the company seems to be at loggerheads with the authorities over storage and processing of user data.
The company’s privacy policy specifies that users in the country should agree to their payments data being stored in the US and other countries.
“If you use Payments, you agree to our data practices, including the collection, use, processing, and sharing of your information as described in our Privacy Policy and our Payments Privacy Policy, as well as the transfer and processing of your information to the United States and other countries globally, where we have or use facilities, service providers, or partners, regardless of where you use Payments,” the company’s official page for terms and conditions of Indian payment service states.
WhatsApp declined to respond to emailed queries of Business Standard on data storage and sharing with Facebook, which runs the networking platform.
A source with direct knowledge of the matter, however, said the company was awaiting clarification from the Reserve Bank of India on data storage before it took a final call on data localisation.
In April, the Indian central bank had directed all payment players to store all financial data related to Indians in the country only. This had irked a lot of fintech firms, including major card networks.
While the RBI gave companies six months to comply with the directive and move all data and processing units to India, a bunch of foreign firms, including card networks, are trying to get the mandatory requirement of storing all copies of data in India relaxed, sources said.
This is a major reason why WhatsApp hasn’t received a full scale operating licence yet from the National Payments Corporation of India, which runs the Unified Payments Interface.
“The company also needs to open itself to UPI conditions,” said an industry insider.
WhatsApp launched its payments service last year in collaboration with ICICI Bank after getting permission from NPCI to run a beta version, which is limited to one million users. But it has barely had a smooth run. After it was reported that WhatsApp was sharing data with Facebook, it clarified that it was not sharing any financially sensitive information.
However, the latest privacy policy on its website updated on June 22 states that the company does share information with third parties, including Facebook, even though the social media giant cannot access encrypted transaction information. It’s not clear exactly how much information is encrypted.
The government has also written two letters to the NPCI on the issue, but is yet to receive a response.
“The main concern was about two factor authentication and data storage. Although NPCI can’t force WhatsApp to store all financial data in India, as the company has time till October to comply, but given the vast user base of WhatsApp, the authorities are not taking any chances,” a government official said.
The apprehension on the part of the government regarding data safety arose as Facebook, had been involved in cases relating to data misuse.
Although the concerns raised by the ministry of electronics and information technology were not binding on the NPCI or the RBI, the bodies are taking steps to preclude any issue surrounding the financial data of Indian users. WhatsApp is not likely to get the go-ahead unless it complies with all rules laid down by the RBI, sources said.
Photograph: Dado Ruvic/Reuters.
'WhatsApp is a major security risk to India'
RBI wants customers' financial data stored in India
How WhatsApp plans to spread its wings
How WhatsApp plans to make money from business houses
No sharing users' financial data with Facebook, says WhatsApp