The Data Protection Commission (CPD) of Ireland (country where WhatsApp is registered to operate because it gives the possibility of paying less taxes than in other countries of the European Union) has today imposed a fine of 225 million euros to WhatsApp, a company owned by Facebook. This is the second highest fine in the name of this regulation since its inception.
The Commission announced this amount after explaining that this decision is As a result of an investigation into whether WhatsApp correctly complies with the Regulation General of Data Protection, which started in December 2018.
The big problem that the authorities see is that the messaging tool does not give enough information to users and not users about what it does with their data and there is a lack of transparency in this regard.
It is also unclear, according to the regulatory body, what kind of data is shared between WhatsApp, Facebook and other platforms of this same company such as Instagram and that violates the European data protection regulation.
In addition to the administrative fine, the Commission has also imposed an order for WhatsApp take specific corrective measures in its regulations to thus adopt the Data Protection Regulation of the European Union.
The multi-million euro fine is the second highest imposed under the European Union’s General Data Protection Regulation, which came into effect in 2018 and allows regulators to impose penalties of up to 4% of your revenue. yearly if they mishandle people’s data. The Luxembourg data protection authorities imposed a record fine of 746 million euros to Amazon in July.
WhatsApp claims
A WhatsApp spokesperson said in a statement that the issues that this million-dollar fine touches refer to policies that were in effect in 2018.
According to the company has stated to Xataka “we have worked to ensure that the information we provide is transparent and complete and we will continue to do so. We do not agree with today’s decision regarding the transparency we provide to people in 2018 and the sanctions are completely disproportionate. We will appeal this decisionFor now there is no further information on the matter from the firm owned by Facebook.
It is not the first time this year that the data policies of WhatsApp and Facebook are in the eye of the hurricane. Earlier this year, WhatsApp announced changes to the terms of use and privacy policy that would force users to share their data with Facebook in order to continue using the app as of February 8 (This does not or should not apply to users in the European Union).
The controversy that this decision raised, and which led to a massive move of users from WhatsApp to other messaging applications, ended with the Facebook app deciding to postpone its mission to better explain the change to the month of May.
The Irish Data Commission has explained that this decision has passed through the hands of various regulatory bodies so that they could express their views. According to official information, after the initial conclusions, Data regulators in eight other European countries put in place a dispute resolution mechanism for not agreeing with the provisional decision of Ireland, where the amount of the fine was much lower.
Last July, the European Data Protection Council issued a “clear instruction that required the CPD to reevaluate and increase your fine proposal“by a number of factors.
The Irish Data Privacy Commission (DPC) is Facebook’s main data privacy regulator within the European Union, due to the fact that the company’s headquarters are in the country. Even so, it should be remembered that the Irish CPD has been criticized in the past by other European regulators for taking too long to make decisions that affect the tech giants and for not fining them enough for the infractions they commit in terms of privacy regulation and data. .
According to Politico, the initial fine proposed by the Irish body was between 30 and 50 million euros. Dublin handles most of these investigations because many of America’s tech giants are based in the country, mostly to take advantage of companies’ low tax regime.
But, at the same time, the authorities of other countries (also affected because the company is registered in Dublin but operates at the level of the European Union) have shown their discontent on several occasions with the decisions of these Irish data protection bodies.