WhatsApp Has Been Fined €225m For Breaching EU Privacy Regulations
WhatsApp is in alleged violation of rules by GDPR regarding the processing of private user data
Recently, a hefty sum of the fine has been issued for WhatsApp by the data watchdog firm of Ireland regarding the breach of regulation of privacy of the users. It is the second-largest fine ever issued under the rules of the European Union GDPR and the largest fine money ever to be confirmed by the Irish Data Protection Commission.
Facebook, the tech firm that has the ownership of WhatsApp, has their European Union headquarters located in Ireland, and the regulatory authority of Ireland also has the lead jurisdiction for all the tech giants operating across Europe. Although, WhatsApp stated that they disagree with the decision which has been made regarding the firm and the severity of such a large amount fine, and is planning to appeal to the court.
Second largest fine
The second-largest GDPR fine of £225 million was related to a thorough investigation against the firm in the year 2018, regarding whether the tech company WhatsApp had provided transparency regarding their process of handling sensitive information about the user.
The spokesperson for the tech firm said that WhatsApp had committed itself to provide a private and fully secure service to all of its users. They had worked deeply to ensure that the information which is being provided to their billions of users worldwide is transparent enough and is fully comprehensive, and the firm is likely to follow through with the same procedure in the future.
WhatsApp disagrees with the decision that has been given today regarding the level of transparency they are currently providing to the people in the year 2018, and the penalties which have been mentioned are entirely disproportionate.
The rules of GDPR allow for a massive number of fines of up to 4% of the offending firm’s international revenue.
The Deposit Protection Corporation of Ireland said that they have been able to submit the decision made by them to other authorities concerning national data, as required by the regulation of GDPR, and following through with a comprehensive and lengthy investigation against WhatsApp, and has received multiple objections from eight different nationals, including Italy, France, and Germany.
Some governments disagree with the Irish regulatory authority on which of the specific articles of the rules of GDPR had been violated by WhatsApp, or the procedure through which the amount for the second-largest GDPR fines has been calculated, along with several other issues.
In the last week of July, the European Data Protection Board has told the Irish Deposit Protection Corporation to make some changes in their findings, and reassess the proposed fine of $26-43 million and make amends in the decision made by them by giving a much higher amount of fine to WhatsApp.
Max Schrems, a privacy campaigner, said that the decision to give WhatsApp the second-largest GDPR fine has shown to the public that the DPC is still in a state of extreme dysfunction. The Deposit Protection Corporation generally receives about 10,000 complaints over the course of a year since 2018, and since then, the first major fine which has been issued by them is for WhatsApp, making it the second-largest GDPR fine ever filed.
Due to the planned appeal made by WhatsApp in the court system of Ireland, it means that it would definitely take several years before the fine is to be fully paid by the tech firm.
The Irish DPC has also given a formal reprimand to WhatsApp, along with ordering the firm to bring the processing done by them into compliance.
The other firm, which has been fined a large sum of money for being in violation of the GDPR rules in Amazon, during an ongoing case in which is the firm is still currently defending itself vigorously. Amazon has become the firm to have received the largest GDPR fine ever.
In the month of July this year, the regulatory authority of Luxembourg has fined Amazon £640 million regarding the watchdog had said was a non-compliance with the laws of processing of user data.