Ireland’s privacy watchdog fines WhatsApp €5.5 million

Ireland’s data protection authority has fined WhatsApp Ireland €5.5 million for breaches of the GDPR relating to its service and told it comply with data processing laws within six months.

Why Ireland? The Irish Data Protection Commissioner (DPC) is the head regulator for several of the US tech giants, and this is because they have sited their operations in the European Union member state – with its Silicon Valley friendly 12.5 percent corporate tax rate.

Yesterday’s ruling followed a 2018 complaint made by a German citizen about WhatsApp after it asked users to click “agree and continue” to indicate their acceptance of the updated Terms of Service in advance of 25 May 2018, when the GDPR came into operation.

The complainant claimed WhatsApp was seeking to rely on consent to provide a lawful basis for its processing of users’ data and that, by making the accessibility of its services conditional on users accepting the updated Terms of Service, the company was “forcing” the users to consent to such processing, in breach of the GDPR.

The fine meted out to the Meta-owned company resulted from a drawn-out process between Ireland’s data protection authorities (DPC) and various EU data protection bodies. Finally, the European Data Protection Board ruled, mostly with the DPC original decision.

Taking the EDPB view into account, the DPC ruled that WhatsApp is not entitled to rely on the contract legal basis for the delivery of service improvement and security for the WhatsApp service and that its

Read more

Explore the site

More from the blog

Latest News