Contents

1. Summary
   1. Facts
   2. Holding
2. Comment
3. Further resources
4. Decision

Summary

This was an investigation by the Federal Competition and Consumer Protection Commission (FCCPC) into possible violations by WhatsApp LLC and Meta Platforms, Inc. in Nigeria. The key points include:

1. Dorminance: The FCCPC examined WhatsApp's dominance in the Nigerian market and potential abuses related to its Updated Privacy Policy introduced in May 2021. The policy's imposition on Nigerian users raised concerns about fairness and compliance with the Nigerian Data Protection Regulation (NDPR) and the Federal Competition and Consumer Protection Act (FCCPA).
2. Abuse of Dominance: WhatsApp and Meta were found to leverage their market dominance to enforce exclusionary practices and create barriers to entry, resulting in consumer abuse. The policy was foisted on Nigerian users without fair consent practices, leading to violations of NDPR and FCCPA standards.

It was found that WhatsApp's 2021 Privacy Policy violated Nigerian users' data rights, deemed excessive and exploitative. WhatsApp's dominance led to abuse of this dominance. Recommendations included immediate NDPR compliance, stopping data sharing without explicit consent, and penalties of Naira 30 Million under the 2020 Administrative Penalties Regulations.

Facts

The case against Meta, specifically regarding WhatsApp's Updated Privacy Policy, involved several key issues and findings by the Federal Competition and Consumer Protection Commission (FCCPC).

The investigation began on June 10, 2021, with an Order to Show Cause issued by the FCCPC to WhatsApp and Facebook (now Meta). This was based on evidence suggesting potential violations of the FCCPA and NDPR due to the Updated Privacy Policy introduced by WhatsApp.

Meta was included in the investigation due to its control over WhatsApp and the benefits it gained from the updated policies through technical integrations. It was found that Meta misled the Commission by providing outdated or misleading privacy policies during the investigation.

WhatsApp's Updated Privacy Policy in 2021 was found to be coercive, forcing users to accept new terms or face degradation of service functionality.

This policy bundled necessary data for service provision with excessive and non-essential data without obtaining explicit user consent. This practice was deemed unfair, unreasonable, and exploitative under Nigerian law.

The investigation revealed that Nigerian users were treated differently compared to European users.

While the GDPR (which the NDPR mirrors) provided European users with detailed information and the ability to withdraw consent without losing functionality, Nigerian users were not afforded the same rights. This disparity was deemed discriminatory and exploitative.

Meta was found to have abused its dominant position by tying and bundling data collection practices in a way that was not necessary for the provision of WhatsApp services. This forced users to consent to data sharing with Facebook and other third parties for profiling and marketing purposes, without proper user consent.