Must Read
Messaging app WhatsApp was fined ~$267M (€225M) by EU privacy regulators for failing to disclose how it collects and shares users’ data with its parent company, Facebook.
The fine and ruling came from the Irish Data Privacy Commission acting on behalf of the EU’s privacy body.
It found WhatsApp in violation of the EU’s General Data Protection Regulation (GDPR), Europe’s privacy law.
The GDPR is a legal guideline for collecting and using the personal data of individuals who live in the EU. It was adopted in 2016 and went into effect in 2018.
The privacy regulators gave WhatsApp three months to update its communication with users regarding how their data is collected and used in compliance with the GDPR.
Under the GDPR, privacy regulators can fine companies up to 4% of their global annual revenue or ~$24M (€20M), whichever is larger.
WhatsApp plans to appeal the decision, stating the punishments were “entirely disproportionate.”
WhatsApp can appeal the decision in Ireland’s courts or directly with the EU’s Court of Justice.
In July, Luxembourg’s privacy regulators fined Amazon $887M (€746M), the largest amount to date, regarding its advertising practices.
It also ordered the retail giant to change some of its business practices. Amazon did not disclose details on the practices.
Amazon also plans to appeal the decision.
In Dec. 2020, Twitter was fined ~$533 (€450M) for not disclosing, within 72 hours, that it had suffered a data breach.
In Jan. 2019, Google was fined $57M by French privacy regulators for failing to get proper user consent to collect and use their personal data for targeted advertising.