Ireland on Thursday imposed a 225 million euro ($267 million) fine on messaging service WhatsApp for breaching EU data privacy laws after European regulators demanded the penalty be increased.
Ireland was asked to "reassess and increase its proposed fine on the basis of a number of factors ... and following this reassessment the DPC has imposed a fine of 225 million euros on WhatsApp," said Ireland's Data Protection Commission (DPC).
The watchdog’s announcement wraps up an investigation into the Facebook-owned messaging service that opened in December 2018, after the EU rules, known as General Data Protection Regulation, or GDPR, took effect. It’s the second penalty - and the biggest - issued by the Irish watchdog under GDPR. Last year it fined Twitter 450,000 euros for a security breach.
“WhatsApp is committed to providing a secure and private service,” the company said in a press statement. “We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”
The commission said the case examined whether Facebook followed GDPR requirements to be transparent for both users and those who didn’t use its service, including how people’s data is processed between WhatsApp and other Facebook companies.
Under GDPR, the Irish watchdog acts as the lead regulator in cross-border data privacy cases for WhatsApp and many other big tech companies that have their European headquarters in Dublin.