Article
Data & Data Analytics

WhatsApp fined $267 million in EU privacy breach

By Laura Berrill
September 02, 2021
undefined mins
WhatsApp has been fined record $267 million for breaching EU privacy rules

WhatsApp, owned by Facebook, has been fined a record 225 million euros ($267 million) by Ireland’s data watchdog for breaching EU data privacy rules.

Ireland’s Data Protection Commission said today WhatsApp did not tell citizens in the European Union enough about what its data is used for and what it does with it.

Allegations of a failure to disclose

The regulator said WhatsApp had failed to tell other Europeans how their personal information is collected and used - as well as how WhatsApp shares data with the other social media giant, Facebook.

It has ordered the platform, used by two billion people worldwide, to tweak its privacy policies and how it communicates with users so that it complies with Europe’s privacy law. As a result of this, WhatsApp may have to expand its privacy policy, which already some users and companies have criticised for being overly long and complex.

A WhatsApp spokesperson has said the company plans to appeal.

The statement said: “WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so.”

It went on: “We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”

No revelation of personal data, says WhatsApp

WhatsApp states on its website that it shares phone numbers, transaction data, business interactions, mobile device information, IP addresses and other information with Facebook. It says it does not share personal conversations, location data or call logs.

The WhatsApp fine is the largest penalty that the Irish regulator has handed out for violations of Europe’s General Data Protection Regulation, or GDPR.

The legislation — approved in April 2016 and enforced since 2018 — replaced a previous law called the Data Protection Directive and is aimed at harmonizing rules across the 27-nation EU bloc.

Some critics argue that EU regulators have been too slow to impose the law and issue penalties on Big Tech for failing to comply.

 

DataAnalyticsCybersecurityTechnology
Share
Share

Featured Articles

How digital twins unlock enterprises’ sustainability efforts

With sustainability increasingly on corporate and government agendas, over half of enterprises believing digital twin technology is critical to ESG efforts

Avast: Cybercriminals use common apps to lure victims

Two out of three cyber threats now leverage social engineering, with attackers using common applications from Microsoft and Adobe to distribute malware

World Password Day: Study shows enthusiasm for passwordless

Over half of global respondents told a study that they are excited about passwordless authentication options like biometrics, passkeys, or security keys

SAP to accelerate AI innovation with IBM Watson

AI & Machine Learning

Half of organisations fell victim to ransomware attacks

Cloud & Cybersecurity

Nike and Cognizant expand their relationship into technology

Digital Transformation