WhatsApp fined EUR 225 million for privacy violations in EU

Nieuws Mobiel Europa 2 SEP 2021
WhatsApp fined EUR 225 million for privacy violations in EU

WhatsApp has been fined EUR 225 million by Ireland's Data Protection Commission for violations of the EU's General Data Protection Regulation. This follows an investigation started in December 2018 over whether WhatsApp made it clear how it collects and uses personal data, including disclosing how it shares data with other Facebook companies.

Completion of the IDPC's investigation was held up by a disagreement with other privacy watchdogs in the EU. While Ireland is the lead regulatory authority for all WhatsApp's activities in the EU, other national regulators may weigh in on its decisions. In this case, several called for tougher measures against WhatsApp compared to what the Irish regulatory proposed in a draft decision issued in December 2020. 

The European Data Protection Board (EDPB), which unites the national data protection authorities in the EU, told the DPC in July to reassess and increase its proposed fine of EUR 30-50 million. The EDPB said there were multiple infringements that needed to be taken into account when setting the fine, even if these covered the same or linked data processes. The amount of the fine should also be based on the parent company Facebook's turnover, not just WhatsApp's revenues, the board said

Furthermore, the EU board called for a shorter timeframe for WhatsApp to bring its practices into compliance with the GDPR and make its policies more transparent. As a result, the company has three months to implement remedies, rather than the six proposed by the Irish regulator. 

In addition to a lack of transparency for its own users about how it handles their personal data, WhatsApp was also found to be violating rights of non-users. This is a result of its Contacts feature, which checks a user's contacts list on the phone to propose contacts in the app. The investigation found the contact data collected by WhatsApp was not anonymised. 

Since the investigation was first started, WhatsApp has updated its privacy policy, raising fresh concerns of increased information sharing with Facebook. In July, the EDPB called again for an urgent investigation by the Irish DPC to assess whether WhatsApp's latest changes were in compliance with the GDPR. In June the EU Court of Justice also found that other national regulators may sue Facebook for suspected privacy violations, and the company did not answer only to the Irish authority. 

Categories:

Mobiel

Companies:

FacebookWhatsApp

Regions:

Europa

Countries:

Ireland

Tags:

Messaging, Regulations

Related Articles

WERELD 22 JAN

Meta adds WhatsApp option to link to Facebook, Instagram accounts

Meta has introduced a way to link WhatsApp accounts with Facebook and Instagram profiles. While WhatsApp has largely been kept separate from its other social media to date, users can now link their accounts in the company's Accounts Center, and share posts across all three platforms at once.

NEDERLAND 15 MAR 2023

Facebook found guilty of privacy violations in Netherlands over 10 years

Dutch consumer association Consumentenbond and the Data Privacy Foundation (DPS) have won a class-action lawsuit against Meta's Facebook about the protection of personal data. The ruling means Dutch consumers can claim compensation for privacy violations, although the amounts have yet to be determined. The consumer organisation and privacy group have also started a fresh case against Facebook, saying the company has for years unlawfully sent Dutch user data to the US for storage. 

EUROPA 6 MAR 2023

WhatsApp pledges more transparency on updates to service terms after EU warnings

WhatsApp has committed to informing users better about changes to its services conditions and making it easier for users to reject the changes. This follows a warning from the EU and its network of consumer protection regulators. Also, WhatsApp confirmed that users' personal data are not shared with third parties or other companies in the Meta group for advertising purposes.

WERELD 14 DEC 2022

WhatsApp outlines calling improvements

Meta-owned WhatsApp said it launched several improvements to the app's calling functionality in 2022, including encrypted 32-person calls, muting and call links. In a short statement outlining the new features, the messaging provider said users can now start or join a video call with up to 32 people, four times the number of people than before.

EUROPA 28 NOV 2022

Meta fined EUR 265 mln in EU for Facebook personal data breach in 2019

Ireland's Data Protection Commissioner has handed another multi-million euro fine to Meta for violating the EU's General Data Protection Regulation. The new fine of EUR 265 million is for a data breach reported in 2019, the investigation of which found security systems on Facebook lacking in sufficient protections for user privacy. 

EUROPA 4 OCT 2022

Irish regulator concludes investigation into Facebook data breach

Ireland's Data Protection Commission (DPC) has reached a draft decision in its investigation into the personal data breach at Facebook first disclosed in April 2021. No details of the decision were announced, as the regulator must first consult with its EU counterparts. 

EUROPA 6 SEP 2022

Irish regulator imposes EUR 405 million fine on Meta for violating teen privacy

Meta's Instagram service has been told to pay a EUR 405 million fine for the way it handled teen data, Politico reported. The fine, imposed by the Irish Data Protection Commission (DPC) follows a EUR 225 million fine imposed on WhatsApp and another of EUR 17 million on Facebook. The regulator is still investigating at least six other cases with Meta-owned companies.

WERELD 20 JUN 2022

WhatsApp brings updates to group calls, privacy

WhatsApp has added a few updates to its messaging service, covering group calls and privacy. When using group calls, end-users can now mute others, message specific people and see a banner when someone joins offscreen. The platform said it's also rolling out new options to the privacy control settings. End-users can now select who from their contact list can see their Profile Photo, About, and Last Seen status. Also, the Android app now supports three new languages, Amharic, Oromo or Hausa.

EUROPA 27 JAN 2022

EU consumer regulators call on WhatsApp to clarify change in user terms

The European Commission and consumer protection authorities in the EU have asked WhatsApp to provide more clarity on its change in 2021 in its user terms and conditions and its privacy policy. The request follows a complaint from the European consumer rights group Beuc that WhatsApp's new terms may not live up to the requirements of EU consumer protection regulations. WhatsApp was given until the end of February to clarify its position with regulators.

EUROPA 19 JAN 2022

EDPB adopts updated right of access and cookie consent guidelines

The European Data Protection Board (EDPB) said its January plenary session agreed to adopt new guidelines on the right of access in different situations as well as a letter calling for a consistent interpretation of cookie consent. The adopted guidelines provide clarifications on the scope of the right of access, the information the controller has to provide to the data subject, the format of the access request, the main modalities for providing access and the notion of manifestly unfounded or excessive req

EUROPA 18 JAN 2022

EU privacy violation fines jump to over EUR 1 billion in 2021

Almost EUR 1.1 billion in fines for violations of the EU's General Data Protection Regulation were issued in 2021, according to research by DLA Piper. The amount was nearly 600 percent higher than the previous year, when EUR 159 million in fines were issued. The total covers the 27 EU members plus the UK, Norway, Iceland and Liechtenstein.

EUROPA 8 DEC 2021

EU, US start new platform to coordinate tech sector regulation, enforcement

The EU and US have launched an official platform for coordinating competition regulation in the tech sector. The EU-US Joint Technology Competition Policy Dialogue was officially unveiled in Washington DC by the European Commission, the US Federal Trade Commission and the US Department of Justice and will work on reinforcing cooperation in regulation and its enforcement for the dynamic technology sector.

EUROPA 23 NOV 2021

WhatsApp updates EU privacy policy after GDPR fine

WhatsApp has updated its privacy policy in the EU, after receiving a EUR 225 million fine in September for violating the General Data Protection Regulation. The company said there were no changes to its data processing or the contract with customers, only an update of the language to add more details and make the privacy policy more clear to end-users. No action on the part of WhatsApp users is required. 

EUROPA 18 OCT 2021

DPC suggests new EUR 36 mln Facebook privacy fine

Ireland's Data Protection Commission (DPC) has suggested fining Facebook between EUR 28 million and EUR 36 million in a draft decision against the company, according to a document seen by Reuters. The proposed fine is in response to a complaint filed by Austrian privacy and data rights campaigner Max Schrems's NYOB organisation. The DPC will now share the preliminary ruling with other EU data protection agencies, who have a month to respond to its findings.

WERELD 15 OCT 2021

WhatsApp introduces encryption option for chat backups

WhatsApp has added encryption for chat backups. The optional layer of extra security is available for backups stored on Google Drive or iCloud. The company introduced default end-to-end encryption for chat messages five years ago. The encrypted backup can be secured with either a password or 64-digit encryption key. The backups will then become inaccessible to both WhatsApp or the backup service provider.

Just In

19 DEC 16:42

SLT-Mobitel launches 5G network in Sri Lanka

19 DEC 16:19

Dialog Axiata launches 5G network, connects 1.5 million subscribers

19 DEC 15:56

UK govt to ban AI-enabled nudification apps to protect women, girls

19 DEC 15:42

3 UK launches last-minute Christmas sale

Commentary

13:56

Video market set for slower growth ahead

11:38

Netflix buys Warner Bros to deepen content catalogue

11:11

KPN's mixed performance in Q3 raises questions for strategy day

15:26

Stock markets breaking records but what happened to Odido's IPO plans?

Background

01:04

The week in telecom: Wi-Fi bolt-ons take off to boost broadband growth, video market works on consolidation

01:39

The week in telecom: Netflix wins bidding for Warner Bros, Apple poaches new execs, Samsung debuts trifold

13:51

Proximus vs. Telenet: Proximus performs better in Q3 while Telenet uses up cash

14:16

Proximus Domestic still struggling with low margins

Complete profile

Before downloading the whitepaper, we would like to ask you to complete your profile with company and position. After confirming you will receive the white paper.