[TheRecord] WhatsApp hit with giant €225 million (~$267M) million GDPR fine

Ireland’s data protection agency has announced today a €225 million ($267 million) fine against Facebook’s WhatsApp for failing to comply with the European Union’s General Data Protection Regulation (GDPR).

The fine represents the second-largest GDPR penalty after Amazon was fined €746 million ($887 million) in Luxembourg at the end of July.

According to the Irish Data Protection Commission (DPC), WhatsApp was fined for failing to properly inform users how their WhatsApp data would be used by Facebook, the app’s parent company.

The investigation into WhatsApp’s GDPR violations began in December 2018 in Ireland, where Facebook’s European headquarters are based.

Following a first investigation, Irish officials wanted to fine WhatsApp €50 million, but the initial fine was vetoed by other data protection agencies part of the European Data Protection Board (EDPB), the EU privacy watchdog, who forced the Irish regulator to assess other GDPR violations, resulting in the larger fine announced today.

The DPC’s subsequent investigation found that WhatsApp broke four GDPR articles:

Article 5(1)(a) of the GDPR, for which it received a fine of €90 million; Article 12 of the GDPR, for which it received a fine of €30 million; Article 13 of the GDPR, for which it received a fine of €30 million; Article 14 of the GDPR, for which it received a fine of €75 million.

See below for a breakdown, per the DPC and EDPB investigation report [PDF]:

In a canned statement, WhatsApp said the fine reflected the status of its service in 2018, not 2021, and planned to appeal.

The post WhatsApp hit with giant €225 million (~$267M) million GDPR fine appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SANS ISC] Apple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,, (Thu, Mar 31st)

All posts, Sans-ISC

Apple today patched two flaws in macOS. One of the flaws has also been fixed for iOS and iPadOS. The AppleAVD flaw patched in across all the operating systems is critical as it allows arbitrary code execution with kernel privileges, and the flaw has been actively exploited. The second vulnerability, an out-of-bounds read issue for […]

Read More

[ThreatPost] Malicious Exchange Server Module Hoovers Up Outlook Credentials

All posts, ThreatPost

“Owowa” stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. Source: Read More (Threatpost)

Read More

[SecurityWeek] Firefox 91 Brings New Privacy, Security Improvements

All posts, Security Week

Mozilla on Tuesday released Firefox 91, a version of the web browser that brings enhanced cookie clearing, HTTPS by default in private browsing mode, and patches for several high-severity vulnerabilities. read more Source: Read More (SecurityWeek RSS Feed)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.