WhatsApp fined $267 million for breaching EU privacy rules and for failure to tell users how their personal information is used and shared with Facebook
Early this year, Elon Musk urged his 50 million Twitter followers to leave Facebook and use the secure messaging app Signal instead. It all started after a revelation that WhatsApp, a Facebook-owned app, began issuing a privacy update notification to users making clear that it is sharing user data with Facebook.
Today, Ireland’s Data Protection Commission (DPC) fined WhatsApp, which is used by 2 billion people worldwide, a record 225 million euros ($267 million) for breaching EU data privacy rules. The watchdog said Thursday that WhatsApp did not tell citizens in the European Union enough about what it does with their data.
“The Data Protection Commission (DPC) has today announced a conclusion to a GDPR investigation it conducted into WhatsApp Ireland Ltd. The DPC’s investigation commenced on 10 December 2018 and it examined whether WhatsApp has discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp’s service. This includes information provided to data subjects about the processing of information between WhatsApp and other Facebook companies.”
“In addition to the imposition of an administrative fine, the DPC has also imposed a reprimand along with an order for WhatsApp to bring its processing into compliance by taking a range of specified remedial actions,” DPC wrote.
A WhatsApp spokesperson told the media that the company “is committed to providing a secure and private service,” they said. “We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so.”
“We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate,” the spokesperson added.