Ireland’s data privacy watchdog Data Protection Commission (DPC) slapped WhatsApp on Thursday with its biggest ever fine of €225 million ($266 million) for alleged infringements regarding the sharing of personal information with other Facebook-owned companies.
DPC informed in its statement that the investigation against WhatsApp has been opened since December 2018 to determine if the company has abided by its transparency obligations under the EU’s General Data Protection Regulation (GDPR)
That included the information provided to data subjects about the information processing between WhatsApp and other companies owned by Facebook.
Along with the hefty fine, the messaging service was also given a reprimand as well as an order to bring its data processing into compliance.
WhatsApp has opposed the financial penalty, slamming it as entirely disproportionate and announced it launch an appeal. The Irish arm of WhatsApp, established in 2017, has recorded an €11.2 million loss last year after setting aside €77.5 million to cover possible fees linked to DPC’s investigation.
Dublin-based DPC is leading the data privacy probe into Facebook and although it was previously considering much lower fine of up to €50 million, it changed it mind faced with the compaints from other watchdogs within the European Union.
The highest GDPR penalty ever issued was the one targeting Amazon that was sanctioned by the authorities in Luxembourg with€746 million fine since according to the European GDPR regulations, companies can be hit with fines of up to €20 million or 4% of their total annual global turnover, whichever is higher.