Status: 02.09.2021 5:05 p.m.
What data does WhatsApp use? And for what purpose? According to the Irish data protectionists, the Facebook subsidiary has not made this transparent enough. The authority imposed a 225 million euros.
The Irish privacy advocates have imposed a record fine on the WhatsApp messenger service. The reason is violations of the European General Data Protection Regulation. Due to a lack of transparency in the transfer of personal data, the Facebook subsidiary had to pay 225 million euros, the DPC judged. The supervisory authority also instructed the messenger service to change its data processing.
Irish privacy advocates had never before imposed a fine of this magnitude. Across Europe, the fine is only exceeded by the penalty imposed by the data protectionists in Luxembourg against Amazon. The Luxembourg authority imposed a fine of 746 million euros on the Internet group this summer.
The authority has been in the lead again and again recently
Because Facebook has its European headquarters in Dublin, the DPC is the authority responsible for data protection issues. Since a number of other important technology companies, such as Apple, Google and Twitter, have their European headquarters in Ireland, the DPC has recently repeatedly been in the lead in enforcing the European General Data Protection Regulation.
The penalty against WhatsApp goes back to 2018 investigations into the transfer of data. In the same year, the General Data Protection Regulation was introduced in the EU.
“Small step in the right direction”
The Federal Commissioner for Data Protection, Ulrich Kelber, described the decision as a “small step in the right direction”. “Now the point is that in Ireland the many other open cases about WhatsApp are finally decided so that the steps to a uniform enforcement of data protection law in Europe are faster and longer,” he told the Reuters news agency.
Data protection activist Max Schrems from Austria also welcomed the decision. However, the DPC has received around 10,000 complaints per year since 2018 and has only now imposed a larger fine. Originally, the Irish had only proposed a fine of 50 million euros, so Schrems. “You have been forced by the other European data protection authorities to increase the fine to 225 million.”
Even the 225 million euros still correspond to only 0.08 percent of the turnover of the Facebook group, emphasized Schrems. “The European General Data Protection Regulation provides for fines of up to four percent of sales. It all shows that the Irish data protection authority is still extremely dysfunctional.”
WhatsApp, however, described the punishment as “completely inappropriate” and announced an appeal. The extent to which WhatsApp Ireland was surprised by the authority’s decision is shown by the fact that only 77.5 million euros were set aside on the company’s balance sheet for a possible fine.