WhatsApp is raising the minimum age limit to use its services by three years, from 13 to 16, in Europe. The move is in compliance with the new European General Data Protection Regulation (GDPR), coming into effect on May 25.

 

Are you 16 yet?

As of now, anyone of age 13 or more can legally register for WhatsApp’s services on their own. However, with the GDPR coming into effect next month, WhatsApp has revised its terms of service and privacy policy, and the European citizens will now require to confirm that they are at least 16 years of age in order to use WhatsApp. The new rules are applicable for everyone, whether you’re a first-time WhatsApp user or already have the app installed. Everyone will need to agree to the new terms of service and privacy policy.

The minimum age limit will remain 13 years for the rest of the world. It is, however, unclear if the age check will simply be a self-reporting process. Beyond raising the age limit, WhatsApp now also let users to download a copy of their data, which will contain their contacts and any numbers they’ve blocked.

 

 

Facebook, WhatsApp’s parent company, meanwhile, has a separate data policy of its own. Its approach in terms of the age requirement is also slightly different from WhatsApp. Teens aged between 13 to 15 will need their parents to agree to Facebook Terms on their behalf for sharing personal information on the platform. If they don’t get permission, they’ll see a more generic version of Facebook that’s not customized based on their data.

 

What is GDPR?

Passed by the European Union (EU) in 2016, the General Data Protection Regulation (GDPR) is a new set of rules for how companies manage and share user’s personal data. The GDPR rules are basically a revision of rules set by earlier EU privacy measures like the Privacy Shield and Data Protection Directive. However, there are two big changes that has made companies go into a mad dash.

First, the GDPR sets a higher bar for companies needing to obtain personal data from users. Any company asking for personal data of an EU citizen will need explicit and informed consent from that person. The companies also must provide that person with a way to revoke that consent. EU citizens can also ask a company for a copy of all the data it has from them.

Second big change in GDPR is the penalty for violation of the rules. The new rules has set the maximum fines per violation at 4% of the company’s global turnover (or $20 million, whichever is larger). It is a lot higher than the existing fines cap. Big guns, like Google and Facebook could withstand this, but it would be enough to sink smaller firms.

Theoretically, the GDPR only applies to EU citizens’ data, but the global nature of the internet means EU has forced most of the companies around the globe to rewrite and reshape their data policies. The new rules go into effect on May 25th, and if you’re not following the rules by then, you’re in trouble. And no one in this world invites troubles, not even WhatsApp or Facebook.