WhatsApp fined $267 million for not being clear enough about how it uses data

- Advertisement -

WhatsApp has been fined €225 million ($266 million) by the European Union’s privacy watchdog for privacy beaches.

- Advertisement -

Ireland’s Data Privacy Commissioner (DPC) investigated a possible GDPR breach by WhatsApp in 2018, regarding whether the messaging company was sufficiently sensitive to users and non-users about data processed by its parent company Facebook and other related companies. was transparent.

These concerns are not about sharing data, but about WhatsApp’s transparency with users in how data is shared.


The watchdog says that WhatsApp has violated a variety of articles in the GDPR Act.

As TechCrunch summarizes, it includes 5(1)(a); 12, 13 and 14. These relate to regulation that personal data is processed fairly and transparently, that companies must articulate their legitimate interests in collecting user data, and that when obtained from sources other than the user The data must be informed to them of what is the source, how it is processed, and the categories of personal data received, among other rules.

- Advertisement -

This includes, for example, WhatsApp uploading phone numbers of non-users if a user has given consent to the messaging platform having access to their contacts.

Along with this fine, WhatsApp has been ordered to update its privacy policy and change the way users are informed about data sharing. This has to be done within three months.

WhatsApp spokesperson told Granthshala that it would appeal against the decision, saying that it is “committed to providing a secure and private service. We have worked to ensure that the information we provide is transparent and comprehensive and will continue to Will keep doing

“We disagree with today’s decision regarding the transparency provided to people in 2018 and the penalties are completely inconsistent”.

The fine, which is the second largest ever since Amazon fined $888 million in July 2021, John Magee, head of DLA Piper’s privacy, data protection and security practice in Ireland, “showed the EU’s complex stability and dispute resolution processes at work.” Granthshala.

“A fascinating aspect of that process was the increase in the size of the fines proposed by the DPC before the range of €30m-€50m”, he continued. In July 2021, the European Data Protection Board (EDPB) asked the DPC to re-evaluate its findings and increase the proposed fines. This “highlights the importance of complying with GDPR’s rules on transparency in terms of data sharing between users, non-users and group entities”, Magee said.


Credit: www.independent.co.uk /

- Advertisement -
Mail Us For  DMCA / Credit  Notice

Recent Articles

Stay on top - Get the daily news in your inbox

Related Stories