Facebook-owned WhatsApp has been ordered to pay a $266 million penalty for “failing to be transparent about how it handled personal information” under new European Union data protection regulations. As reported by Bloomberg, this is the first time WhatsApp has been fined under the new GDPR law.
The fine was handed down by the Irish Data Protection Commission, which said that it found violations in how WhatsApp explained “how it processed users’ and non-users’ data.” The regulator also found discrepancies in how user WhatsApp user data was shared with Facebook and Instagram.
In a statement, WhatsApp said it would appeal the ruling:
Thursday’s fine also comes amid added pressure on WhatsApp over policy changes it announced in January. It was forced to delay the overhaul until May after a backlash from users and regulators over what data the messaging service collects and how it shares that information with its parent Facebook.
The Irish Data Protection Commission added that it will also force WhatsApp to “take remedial action to bring its data processing communication into compliance.” One such change here is that WhatsApp must make it clear to users how they can “lodge a complaint with a supervisory authority.”
“We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate,” a WhatsApp spokesperson said. “We will appeal this decision.”
