The unexpected happens as the Facebook-owned messaging company Whatsapp is faced with some unforeseen heat from Ireland as the Irish DPC (Data Protection Commission) announced a €225 million ($267) fine for privacy law breaches.
After the first complaints that were fired to the messaging company, Whatsapp, and two years of being under investigation, the company is currently faced with four times the penalty of €50m, which was initially proposed for not informing its users on how their data are processed and shared with its parent company Facebook.
The fine charged to the messaging app Whatsapp is related to the EU Data rules about transparency confirmed in 2018.
One of the fundamental principles of the GDPR is the transparency of how people’s data and information are processed and used.
According to one Whatsapp spokesperson who says “WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018,”
The decision made today, 2nd September 2021, concludes that it did not meet the required standard, and rather than giving them six months to comply, the board has shortened it to 3 months.
Whatsapp disapproves of this and describes this as “entirely disproportionate,” thus appeals against the decision.
GDPR next move?
At the beginning of the year, users were concerned about Whatsapp’s new change regarding their private data, which caused users to flee to using rivals like Telegram and Signals.
Reacting to the Whatsapp decision made by DPC today, the European privacy campaigner Max Schrems said: “We welcome the first decision by the Irish regulator. However, the DPC gets about ten thousand complaints per year since 2018, which is the first major fine. The DPC also proposed an initial €50MK fine and was forced by the other European data protection authorities to move towards €225M, which is still only 0.08% of the turnover of the Facebook Group. The GDPR foresees fines of up to 4% of the turnover. This shows how the DPC is still extremely dysfunctional.”
At this time, the Irish regulator is looking into other big tech organizations with over two dozen investigations open.