WhatsApp and its parent company, Meta Platforms Incorporated, have cited 22 reasons why the Federal Competition and Consumer Protection Commission (FCCPC) order imposing a $220 million penalty should be set aside by the Competition and Consumer Protection Tribunal, among others.
Highlights
- WhatsApp and Meta Platforms Incorporated argue that the FCCPC’s $220 million penalty should be overturned, citing 22 reasons including vague directives, unjustifiable data-sharing orders, and procedural errors.
- They claim the FCCPC’s demands are vague, technically impossible to implement within the given timeframe, and not supported by Nigerian law.
- The fine follows an investigation into alleged violations of data protection and consumer rights by Meta, with similar large fines imposed on tech giants by European regulators.
This is detailed in their notice of appeal against the FCCPC, which was exclusively seen by Nairametrics.
Nairametrics previously reported that the FCCPC, an agency under the Federal Ministry of Industry, Trade and Investment (FMITI), had imposed a $220,000,000 penalty on Meta Platforms Incorporated over alleged discriminatory practices against Nigerian data and consumers.
Why FCCPC penalized Meta platforms, WhatsApp
In a statement signed by the Acting Chief Executive Officer of the FCCPC, Dr. Adamu Abdullahi on July 26, 2024, the penalty followed a joint investigation by the Commission and the Nigeria Data Protection Commission (NDPC) into Meta Platforms’ conduct, privacy policies, and practices between May 2021 and December 2023, a period of 38 months.
According to the statement, in May 2021, the Commission had directed WhatsApp LLC and Meta Platforms, Inc. (formerly called Facebook Inc.) to defend themselves regarding its investigative report, which detailed how their conduct allegedly violated relevant data laws.
Meta was said to have provided some information in response to the requests and summons under the joint investigation.
However, the Commission disclosed that the investigation concluded that Meta Platforms had engaged in conduct constituting continuing infringements of Nigeria’s consumer protection and data laws over an extended period.
It expressed concerns about Meta’s allegedly abusive and invasive practices affecting data subjects and consumers in Nigeria.
These included unauthorized use of personal data, discriminatory treatment compared to other regions with similar regulations, and the exploitation of market dominance to enforce privacy policies that collect personal information without giving consumers the option to consent or refuse.
“The Final Order of the Commission mandates steps and actions Meta Parties must take to comply with prevailing laws and cease the exploitation of Nigerian consumers and market abuse, as well as desist from future similar or other conduct/practices that do not meet nationally applicable standards and undermine the rights of consumers,” the FCCPC statement partly reads.
WhatsApp, Meta platforms grounds of appeal
In the social media giants’ 22 reasons listed in their notice of appeal seen by Nairametrics, their legal team argued that the FCCPC erred in all the findings, directions, and decisions contained in its orders.
They are leveraging their appeal to ask the tribunal to quash the FCCPC’s orders in their entirety.
Here are the reasons listed by WhatsApp and Meta Platforms:
Vague Rights of Nigerian Users
Meta Platforms insisted that the FCCPC’s directive to “immediately reinstate the rights of Nigerian users to self-determine and control the use, processing, sharing, or transfer of their data” is unreasonably vague, creating excessive uncertainty.
According to Meta, the obligation requested by the FCCPC does not consider the operational complexities inherent in the WhatsApp service, thereby imposing an impossible burden on the appellants.
Ambiguous privacy policy order
Meta insisted that Nigerian users are fully at liberty to reject its privacy policy by declining to accept WhatsApp’s Terms of Service and not using the WhatsApp service.
Furthermore, it argued that the privacy policy order by FCCPC is ambiguous because WhatsApp had updated its privacy policy in a format that allows Nigerian users to fully express their legitimate rights prior to the initiation of the FCCPC’s investigation.
Unjustifiable order on data sharing between platforms
Meta insisted that it is unjustifiable for the FCCPC to order it to immediately halt sharing WhatsApp user information with other Facebook companies and third parties until users have voluntarily consented to each aspect of how their data will be used.
It submitted that forcing WhatsApp to rely on consent for its data sharing is discriminatory, contrary to the express provisions of the law, and disregards industry-standard practices.
Meta privacy policy not subject to FCCPC approval
WhatsApp and Meta insisted that Nigerian law does not require that the privacy policy of a data controller be approved in advance by either the Commission or the Nigeria Data Protection Commission (NDPC), nor does the law authorize any of the agencies to insist on such prior approval.
Meta can’t revert to its data sharing practices of 2016
Meta insisted that there is no legal basis for the Commission to direct the appellants to revert to the “data sharing practices adopted in 2016” (which allowed users to consent or withhold consent).
It maintained that the companies’ data practices do not violate Nigerian law and, therefore, do not warrant such a directive from the Commission.
Unclear blockage of WhatsApp data transfer to Facebook
The appellants submitted that the instruction to stop transferring data from WhatsApp to Facebook and other third parties without explicit consent from users is unclear, as one can make full use of the WhatsApp messaging service without signing up for a Facebook account or any other Meta product.
No need for written assurance to FCCPC
The appellants stated that they had not taken any steps detrimental to the interests of their Nigerian users and that there was no need for the FCCPC to mandate them to submit a “written assurance” assuring it would not infringe on consumers’ rights.
Erroneous proposed remedy package for consumers
The appellants argued that they have no remedy “package” to comply with.
Furthermore, they contended that the 15-day timeframe stipulated by the order for the execution of the “Proposed Remedy Package” for consumers is inadequate and does not provide an adequate period for implementation.
Meta can’t pay FCCPC $35,000 as investigation cost
The appellants submitted that the Commission erred in law when it ordered that the “Meta Parties shall reimburse the Commission the cost of the investigation in the sum of Thirty-Five Thousand U.S. Dollars only ($35,000.00) (at prevailing exchange rate where applicable) under Section 23(2)(f) of the FCCPA.”
They argued that there is no legal basis for the Commission to direct the appellants to reimburse the costs of conducting its investigation, as they are not obligated by or liable in law to pay these costs.
$220 million penalty is hefty
The appellants also argued that the FCCPC denied them a fair hearing by imposing a hefty penalty without giving them an opportunity to understand the means by which the penalty would be calculated and to respond to the calculation of the proposed amount.
Impossible to build Data Consent Mechanisms
The appellants argued that contrary to the FCCPC’s order on compliance, it would be impossible to identify and build a consent mechanism for each data point processed by Nigerian consumers. They added that doing so would be “extremely expensive.“
FCCPC can investigate Meta without requiring the presence of Its personnel
The appellants argued that FCCPC experts can always conduct data handling compliance audits of Meta, without needing its personnel.
“Further, the appellants have no physical presence in Nigeria, thus negating any need for, or point in having, an audit from the Commission,” they stated.
Meta Can’t be compelled to obtain FCCPC prior approval
The appellants stated that the Commission has no powers to compel them to obtain the approval of the Commission or the NDPC prior to the publication of its privacy policy within ten days.
They further argued that updates to its privacy policy require extensive engagement with stakeholders across WhatsApp, and substantial amendments can take months to implement.
Proposed remedy package will take time to implement
The appellants argued that it is not technically possible to implement any proposed remedy package for Nigerian consumers (whose rights have been allegedly infringed upon) within 15 days, as directed by the FCCPC.
WhatsApp, Meta does not coerce Nigerian consumers
The appellants argued that if FCCPC’s Order Number 5 of the Final Order is intended to reference “tying in the sense of coercion by an allegedly dominant party of a consumer to accept a tied product as a condition of receiving a tying product, leading to the foreclosure of competition,” no such thing exists in WhatsApp or Meta.
Meta wasn’t formally probed by FCCPC
The appellants argued that the Commission erred when it ordered Meta to produce information in the investigation of WhatsApp without formally initiating an investigation of Meta.
They argued that WhatsApp is a distinct legal entity from Meta.
No need to penalize Meta
The appellants further argued that there was no evidence before the Commission showing that WhatsApp was acting on behalf of Meta, and therefore no evidence to warrant treating Meta as a target of the Commission’s orders.
Fair hearing
WhatsApp and Meta argued that the Commission erred in issuing the Final Order because it failed to consider the submissions made by the appellants before issuing the final order, thereby violating their right to a fair hearing.
WhatsApp, Meta was not allowed to query the calculation of the penalty
The appellants urged the tribunal to hold that the Commission was in error because it did not afford them an opportunity to make representations on the feasible period required for compliance with its decisions, the amount of the penalty imposed, or the methodology employed in calculating the penalty.
FCCPC made no findings against WhatsApp, Meta
The appellants’ legal team also argued that the Final Order issued by the Commission is fundamentally flawed due to its failure to disclose any findings of fact or law or to provide reasons for the decisions or penalties.
FCCPC fined WhatsApp and Meta without the signature of its Executive Chairman or Vice Chairman
The appellants argued that the position of the Executive Vice-Chairman of the FCCPC was allegedly vacant at the time the Final Order was signed.
It stated:
“To be clear, while President Bola Tinubu appointed Mr. Olatunji Bello on June 24, 2024, as the Executive Vice-Chairman of the Commission, his appointment had, at all material times, not been confirmed by the Senate in accordance with Section 5 of the FCCPA.
“Thus, it effectively means that the position of the Executive Vice-Chairman was vacant on the date shown on the face of the Final Order.”
Unreasonable orders
WhatsApp and Meta believe that the Final Order of the FCCPC “is unreasonable and against the weight of evidence.”
They urged the Tribunal to allow their appeal and set aside all of the decisions reached in the Final Order of the Federal Competition and Consumer Protection Commission.
What you should know
Per data from Statista, there were nearly 41.6 million Facebook users in Nigeria as of May 2023, which is 18.5% of the country’s population.
Following the FCCPC’s orders, WhatsApp reacted, saying, “In 2021, we went to users globally to explain how talking to businesses, among other things, would work. While there was a lot of confusion then, it has actually proven quite popular.”
Meanwhile, fines such as the ones imposed against Meta are not uncommon. Last year, the European Data Protection Agency fined the tech giant Facebook a record €1.2 billion for not complying with the EU’s privacy regulations.
The Irish Data Protection Commission stated that Meta, the parent company of Facebook, violated the General Data Protection Regulation (GDPR) by transferring large amounts of European Facebook users’ personal data to the United States without adequately protecting it from U.S. data surveillance practices.
Amazon had previously been fined €746 million by Luxembourg, and the Irish regulator imposed four fines on Meta’s platforms—Facebook, Instagram, and WhatsApp—ranging from €225 million to €405 million between 2021 and 2023.
Over the past five years, Big Tech companies Amazon, Meta, and Google have faced some of the largest fines imposed under the European Union’s General Data Protection Regulation (GDPR) privacy laws.
The legality or illegality of the recent penalties and orders against WhatsApp and Meta Platforms is now a matter for the courts to determine.