The Irish Data Protection Commission (DPC) fined Meta Corporation’s subsidiary WhatsApp €5.5 million ($5.95 million) for breaking EU data protection regulations.
The fine was imposed following a complaint submitted in 2018 by a German citizen who was unsatisfied that WhatsApp did not provide him with the option to decline the updated terms of service until May 25, 2018, when the General Data Protection Regulation (GDPR) went into effect.
In addition to the fine, the DPC ordered WhatsApp to comply with EU privacy standards regarding user data within six months. This comes from a similar order issued to other large platforms, such as Facebook and Instagram, to assess their legal basis for targeting ads using personal data.
WhatsApp has stated that it wants to appeal the decision and that its service complies with technological and legal requirements. This is not WhatsApp’s first fine from the DPC; in September 2021, the firm was fined 225 million euros for infractions in May 2018. WhatsApp is presently attempting to get the fine reversed in Irish courts.
To date, the DPC has fined Meta Corporation 1.3 billion euros and started ten additional investigations into its services. Due to its European headquarters in Ireland, the DPC has significant power to enforce EU privacy regulations and guarantee that companies comply as the leading EU privacy regulator for many of the world’s top technology companies.
The DPC fine imposed on WhatsApp serves as a reminder of the importance of complying with EU privacy regulations, notably the GDPR. The GDPR requires companies to get explicit consent from users before collecting and processing their personal data and to inform users of their rights, such as the right to access, amend, and delete their personal data.