On Thursday, the Facebook-owned messaging app announced it was making changes to its policy “as part of our plans to test ways for people to communicate with businesses”, suggesting the service could be used in the future by banks to notify customers of possible fraud or by airlines to report flight delays.
As part of this plan, WhatsApp said it would begin sharing user information - including phone numbers - with the “Facebook family of companies”, but would not make data public or share it with advertisers.
In response, Information Commissioner Elizabeth Denham said: “The changes WhatsApp and Facebook are making will affect a lot of people. Some might consider it’ll give them a better service, others may be concerned by the lack of control.
“Our role is to pull back the curtain on things like this, ensuring that companies are being transparent with the public about how their personal data is being shared, and protecting consumers by making sure the law is being followed.
“We’ve been informed of the changes. Organisations do not need to get prior approval from the ICO to change their approaches, but they do need to stay within data protection laws. We are looking into this.”
WhatsApp, which was bought by Facebook in 2014 in a deal worth £16.5 billion, reiterated that all messages within the service would remain encrypted end-to-end.
“Our belief in the value of private communications is unshakeable, and we remain committed to giving you the fastest, simplest, and most reliable experience on WhatsApp,” the company said.