The Irish Data Protection Commission (DPC) says it has imposed the largest fine on WhatsApp for violating the General Data Protection Regulation (GDPR). European officials say WhatsApp has not been clear enough about which companies the communications program shares under the umbrella of WhatsApp owner Facebook.
The DPC has been reviewing WhatsApp's compliance with the European Union's General Data Protection Regulation (GDPR) since 2018. The fine of 225 million euros (about $267 million) comes after the European Data Protection Board (EDPB) It investigated the case and informed the DPC in late July about the amount it should charge WhatsApp. The initial fine was only 50 million euros. A WhatsApp spokesperson said the company did not agree with the decision and thought the punishment was disproportionate. WhatsApp intends to review.
After a DPC investigation found that WhatsApp's transparency about what it does with user information does not comply with GDPR obligations, the EDPB investigation found WhatsApp breaches to be more serious. WhatsApp IE about non-user data collections - When users decide to use the calling feature - EDPB detects that in the current case, the method used by WhatsApp IE does not anonymize the personal information collected. Example.
Enforcement Decision No. 1/22021 on Dispute over WhatsApp Ireland Draft Resolution on Article 65(1)(a) GDPR by EU Data ProtectionWhatsApps founders Brian Acton and John Com designed it as a privacy-focused communication app. After it was acquired by Facebook in 2014, it wanted to collect information about WhatsApp users for targeted advertising, which led to disagreements with its founders. Acton and Kom finally left. Acton started developing Signal, another privacy-focused communication app. This data can include things like phone numbers, friends' phone numbers, and diagnostic data. Initially, he was threatened that he would eventually delete the mismatched accounts, but he was stopped.
WhatsApp fined $267 million for violating GDPR