Message service WhatsApp has to pay a fine of 225 million euros because the company was not transparent about how it handled personal user data. It is the first fine that the company will receive after European rules on data protection were tightened a few years ago.
The Irish Data Protection Commission, the privacy watchdog in Europe, found that WhatsApp did not correctly explain how it processed data from users and non-users of the messaging service. It was also not properly explained how data was shared between WhatsApp and parent company Facebook and other companies that fall under Facebook.
“We disagree with this decision about the transparency we gave people in 2018, and the fines are completely disproportionate,” a WhatsApp spokesperson said. “We are appealing this decision.”
WhatsApp had already announced in November last year that it would set aside 77.5 million euros to pay possible fines after the Irish watchdog announced a possible fine.
The Irish watchdog also said WhatsApp must take steps to comply with the rules. For example, it must be made clearer how users can submit a complaint to a supervisory authority.
Three years ago, the new data protection law General Data Protection Regulation (GDPR), came into effect in the European Union. Under that law, regulators can fine companies up to 4 percent of the annual turnover value.
Major tech companies such as Facebook and Google are increasingly under fire for privacy scandals, for which large fines have already been imposed in both the United States and the EU.