EU privacy regulators order 'urgent' investigation into WhatsApp, Facebook data sharing

News Wireless Europe 15 JUL 2021
EU privacy regulators order 'urgent' investigation into WhatsApp, Facebook data sharing

The EU's national data protection regulators have called on the Irish watchdog to conduct an urgent investigation into the recent changes in WhatsApp's privacy policy and how it shares data with parent company Facebook, amid concerns the companies have violated privacy law. The regulators stopped short of taking action against Facebook, saying it was still too unclear how the company was using data on WhatsApp users. 

The EDPB, which unites national privacy regulators across the EU, looked at the case following a request from the Hamburg supervisory authority. The latter already ordered Facebook to stop processing WhatsApp user data for its own purposes, amid fears this may violate the EU's General Data Protection Regulation. The Hamburg authority then turned to Ireland's Data Protection Commissioner to investigate, as Facebook's European business is based in Ireland and hence ultimately falls under Irish supervision. 

The Hamburg regulator found efforts by Ireland's DPC insufficient and asked the EDPB to intervene. The latter did not find the Irish regulator lacking and said the change in WhatsApp's terms was not enough to justify urgent action. 

According to the EDPB, there is a "high likelihood" that Facebook is using WhatsApp user data for its own purposes, both to ensure security as well as develop products. "However, in the face of the various contradictions, ambiguities and uncertainties noted in WhatsApp’s user-facing information, some written commitments adopted by Facebook IE and WhatsApp IE’s written submissions, the EDPB concluded that it is not in a position to determine with certainty which processing operations are actually being carried out and in which capacity," the board said in a statement. 

Nevertheless, the EDPB said it sees a "high likelihood of infringements" and called for "swift further investigations". In particular, it wants to look into whether Facebook is cross-referencing WhatsApp user data with data from its other services, facilitated by the use of unique identifiers.

The EDPB asked the Irish regulator to carry out, "as a matter of priority", a statutory investigation to determine whether such processing activities are taking place or not, and if this is the case, whether they have a proper legal basis under the GDPR. Furthermore, it should look at Facebook's role in how data are processed for marketing purposes, cooperation with the other Facebook companies and the WhatsApp Business API. Facebook and WhatsApp were also informed of the decision. 

Categories:

MobileInternet

Companies:

FacebookWhatsApp

Regions:

Europe

Tags:

Messaging, Regulations, Advertising services

Related Articles

EUROPE 6 MAR 2023

WhatsApp pledges more transparency on updates to service terms after EU warnings

WhatsApp has committed to informing users better about changes to its services conditions and making it easier for users to reject the changes. This follows a warning from the EU and its network of consumer protection regulators. Also, WhatsApp confirmed that users' personal data are not shared with third parties or other companies in the Meta group for advertising purposes.

EUROPE 6 SEP 2022

Irish regulator imposes EUR 405 million fine on Meta for violating teen privacy

Meta's Instagram service has been told to pay a EUR 405 million fine for the way it handled teen data, Politico reported. The fine, imposed by the Irish Data Protection Commission (DPC) follows a EUR 225 million fine imposed on WhatsApp and another of EUR 17 million on Facebook. The regulator is still investigating at least six other cases with Meta-owned companies.

EUROPE 27 JAN 2022

EU consumer regulators call on WhatsApp to clarify change in user terms

The European Commission and consumer protection authorities in the EU have asked WhatsApp to provide more clarity on its change in 2021 in its user terms and conditions and its privacy policy. The request follows a complaint from the European consumer rights group Beuc that WhatsApp's new terms may not live up to the requirements of EU consumer protection regulations. WhatsApp was given until the end of February to clarify its position with regulators.

EUROPE 23 NOV 2021

WhatsApp updates EU privacy policy after GDPR fine

WhatsApp has updated its privacy policy in the EU, after receiving a EUR 225 million fine in September for violating the General Data Protection Regulation. The company said there were no changes to its data processing or the contract with customers, only an update of the language to add more details and make the privacy policy more clear to end-users. No action on the part of WhatsApp users is required. 

EUROPE 20 SEP 2021

DPC questions Facebook on smart glasses data privacy

Ireland's Data Protection Commission (DPC) has expressed concern about Facebook's new wearable smart glasses, developed in partnership with Ray-Ban.

IRELAND 15 SEP 2021

Ireland's DPC launches GDPR compliance investigations into TikTok

Ireland's Data Protection Commission (DPC) announced it has launched two own-volition inquiries into TikTok's compliance with EU GDPR requirements. 

EUROPE 13 SEP 2021

Irish data regulator blocking EU data protection action against Big Tech - ICCL

Ireland's Data Protection Commission (DPC) is "paralysing" EU efforts to crack down on data protection violations by major technology companies, according to a new report from the Irish Council for Civil Liberties (ICCL).

EUROPE 2 SEP 2021

WhatsApp fined EUR 225 million for privacy violations in EU

WhatsApp has been fined EUR 225 million by Ireland's Data Protection Commission for violations of the EU's General Data Protection Regulation. This follows an investigation started in December 2018 over whether WhatsApp made it clear how it collects and uses personal data, including disclosing how it shares data with other Facebook companies.

EUROPE 18 AUG 2021

Europe IT security spending to jump 8% in 2021

European IT security spending remains robust despite the impacts of the covid-19 pandemic and is expected grow 8.3 percent year-on-year in 2021, according to the latest study from IDC. European IT security spending will rise to a total value of USD 37.2 billion this year and reach a five-year (2020–2025) compound annual growth rate (CAGR) of 8.2 percent, passing USD 50 billion in 2025. 

GERMANY 18 AUG 2021

Hamburg data protection body tells city chancellery to avoid using Zoom

The Hamburg Commissioner for Data Protection and Freedom of Information (HmbBfDI) has officially warned the Senate Chancellery of the city against using the on-demand version of the Zoom video conference service. HmbBfDI says the service violates the EU's General Data Protection Regulation (GDPR) as its use is associated with the transmission of personal data to the US, where data protection is insufficient.

GLOBAL 20 JUL 2021

WhatsApp adds joinable group calls feature

Facebook-owned WhatsApp has introduced a new feature that allows users to join a group voice or video call after it has begun. Thanks to the joinable calls feature, users can join group calls by simply clicking the 'Calls' tab to bring up a screen with information about who is currently on the call plus invited users who have yet to join. The aim is to bring the spontaneity and ease of in-person conversations to group calling on the app, said WhatsApp in a blog post.

GLOBAL 19 JUL 2021

Last week in telecoms: Ericsson faces China backlash, Netflix to try gaming and TIM bets on Italian football

The Q2 earnings season kicked off last week, when we should start seeing whether the pandemic effect is persisting more than a year later. Ericsson's Q2 figures showed it may be facing a backlash in China from Sweden's ban on Chinese network suppliers. The race to build up chipmaking infrastructure outside China also continued, with Intel reportedly looking at a bid for Globalfoundries. In the telecom services, TIM makes another attempt to relaunch its TV service with football rights, while Netflix is plann

EUROPE 15 JUL 2021

Privacytoezichthouders vragen om spoedonderzoek naar WhatsApp, Facebook

De nationale regelgevende instanties voor gegevensbescherming van de EU hebben de Ierse privacytoezichthouder opgeroepen om dringend onderzoek te doen naar de recente wijzigingen in het privacybeleid van WhatsApp en de manier waarop het gegevens deelt met moederbedrijf Facebook, uit bezorgdheid dat de bedrijven de privacywetgeving hebben geschonden. De toezichthouders stopten met het ondernemen van actie tegen Facebook, omdat het nog te onduidelijk was hoe het bedrijf gegevens over WhatsApp-gebruikers gebru

EUROPE 12 JUL 2021

BEUC files compaint against WhatsApp for breach of EU consumer rights

European consumer body BEUC has filed a complaint with the European Commission and the European network of consumer protection authorities against WhatsApp, citing multiple breaches of EU consumer rights.

BELGIUM 15 JUN 2021

EU court says Facebook can face national privacy cases outside Ireland too

The EU Court of Justice has upheld the right of national regulators outside Ireland to sue Facebook for privacy violations in the EU. In an appeal against a decision from the Belgian Data Protection Authority, Facebook had claimed that only the Data Protection Commission in Ireland, where Facebook's European operators are based, could conduct such a case. The EU court disagreed, saying the General Data Protection Regulation allows any national regulator to sue in a case of cross-border data processing.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.