Data Protection Commission of Ireland WhatsApp has been fined 5.5 million euros. GDPR violations after a German consumer filed a complaint. The latest penalty to hit Meta comes just weeks after the same body, the DPC, slapped the firm with more than €390 million in fines.
The regulator said WhatsApp Ireland must bring its processing in line with GDPR rules within six months if it does not want to face further restrictions. According to the complainant, WhatsApp forced users to consent to data processing if they wanted to continue using the services, which the complainant argued was a violation of the GDPR because users have a right to data. There must be a choice that is acted upon.
To reach its January 12 decision, the DPC had to go to the European Data Protection Board (EDPB) to resolve some differences with the concerned supervisory authorities (CSA) which it had to consult throughout the process. The EDPB said that the DPC should hit Meta with a multi-million euro fine and that the DPC should open a new investigation into Meta regarding the following:
“The processing operations of WhatsApp IE in its service to determine whether it processes special categories of personal data (Article 9 GDPR), behavioral advertising purposes, marketing purposes as well as metrics to third parties processes data to provide. and exchange data with affiliated companies for service improvement purposes, and to determine whether it complies with relevant obligations under the GDPR.”
According to freeMetta will not accept their penalty without a fight and plans to appeal the decision.