London (UK): Ireland’s privacy watchdog has fined WhatsApp a record 225 million euros ($267 million) after an investigation found it breached stringent European Union data protection rules on transparency about sharing people’s data with other Facebook companies.
The Data Protection Commission said Thursday that it was also ordering WhatsApp to take “remedial actions” to change the way it communicates with users so that it complies with EU regulations. WhatsApp, which has 2 billion users worldwide, said the fine was out of proportion and it would appeal the decision.
The watchdog’s announcement wraps up an investigation into the Facebook-owned messaging service that opened in December 2018, after the EU rules, known as General Data Protection Regulation, or GDPR, took effect. It’s the second penalty - and the biggest - issued by the Irish watchdog under GDPR. Last year it fined Twitter 450,000 euros for a security breach.
“WhatsApp is committed to providing a secure and private service,” the company said in a press statement. “We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”
Read: HC asks Centre to respond to pleas by FB, WhatsApp challenging IT Rules
The commission said the case examined whether Facebook followed GDPR requirements to be transparent for both users and those who didn’t use its service, including how people’s data is processed between WhatsApp and other Facebook companies. In other words, it focused on how much detail was provided in its privacy policy, which has since been updated.