Ironically, the Irish data protection authority, the Data Protection Commission (DPC), which is not considered particularly severe, WhatsApp now has a penalty notice I sent. The messaging platform operator now has to pay €225 million for violations of the General Data Protection Regulation (GDPR).
At the DPC, after extensive examination, he came to the conclusion that WhatsApp did not create enough transparency about the transfer of user data. The corresponding investigation actually began in December 2018, and has always included current developments. The authority also obligated WhatsApp to implement several changes in data processing so that GDPR requirements can be complied with in the future. If this is not implemented, further penalties can follow.
WhatsApp is not the first runner
DPC is responsible for this case because WhatsApp is based in Ireland in Europe along with Facebook. The authority is usually criticized for acting only half-heartedly against violations of consumers’ data protection rights. Because the government side likes to address international technology companies in Ireland.
Accordingly, WhatsApp also received the highest penalty order issued by the DPC. This gives an idea of how serious GDPR violations are in the end. The messaging platform is not yet the most popular in Europe as a whole. The highest fine to date of 746 million euros has been imposed on Amazon in Luxembourg.