Facebook’s WhatsApp was slapped with a record $267 million (€225 million) fine by Ireland’s Data Protection Commission (DPC) for violating the European Union’s (EU) data privacy regulations, CNBC and other news outlets reported on Thursday (Sept. 2).
Ireland’s DPC concluded that WhatsApp failed to give enough information to its EU app users regarding how it handles their data and shares it with Facebook. WhatsApp was ordered to make adjustments to its privacy policies and change how it connects with users to maintain compliance with the General Data Protection Regulation (GDPR).
The penalty levied against WhatsApp is the biggest on record that the DPC has handed down for GDPR violations, according to the report.
WhatsApp is moving to appeal the ruling, a spokesperson told CNBC, stating that the company did not agree with the aspects “regarding the transparency” the app extended to users in 2018 and also feels that “the penalties are entirely disproportionate.”
The spokesperson also said that WhatsApp is dedicated to “providing a secure and private service” and is working to make sure that all information is “transparent and comprehensive.”
The DPC is the lead supervisory authority for WhatsApp across Europe. The probe was launched in 2018 following the implementation of new EU data protection rules.
In December 2020, the DPC completed its investigation and the draft conclusions were sent to other European data regulators, per GDPR policy. But while 32 members agreed with the decision, eight did not, including the amount of the proposed fine of up to €50 million, RTE reported.
See also: EU Privacy Regulator Fines Amazon $887M
Without a consensus, the DPC had to move the case to the European Data Protection Board (EDPB) earlier this summer. The binding ruling was made at the end of July, and the DPC is tasked with being the enforcement agency, according to RTE.