WhatsApp hit with €225 million fine for privacy breaches

Ireland’s data regulator has fined WhatsApp €225 million for violating European privacy rules, in the second-largest ever penalty under Europe’s revamped data protection rules.

The Facebook-owned messaging app was slapped with the fine for failing to live up to transparency requirements, including those related to how it explains its use of people’s personal information.

In a statement the body, which is the lead privacy regulator for Facebook within the EU, said the issues relate to whether WhatsApp conformed in 2018 with the rules.

“This includes information provided to data subjects about the processing of information between WhatsApp and other Facebook companies,” it added.

WhatsApp will also be required to change procedures relating to its handling of people’s data to bring them in line with the EU’s General Data Protection Regulation (GDPR).

The law came into effect in 2018 and facilitated the levying of penalties up to four per cent of companies’ annual revenue if they mishandled people’s data.

The highest ever fine imposed under the rules was a record-setting €746 million imposed against Amazon in July.

The proximity of the prosecutions come as the bloc upgrades the enforcement of its rulebook that has been criticised for failing to counter perceived big tech abuses regarding data.

Responding to the news, a WhatsApp spokesperson said: “We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate… We will appeal this decision.”