Ireland Fines WhatsApp 225M Euros for Breaching EU Privacy Laws

Ireland on Thursday imposed a 225-million-euro fine on Facebook-owned messaging service WhatsApp for breaching EU data privacy laws after European regulators demanded the penalty be increased.

Ireland was asked to “reassess and increase its proposed fine on the basis of a number of factors … and following this reassessment the DPC has imposed a fine of 225 million euro on WhatsApp,” said Ireland’s Data Protection Commission (DPC).

The fine, the equivalent of $267 million, was handed down by the DPC as the country hosts the European headquarters of Facebook. 

As Ireland hosts the regional headquarters of a number of major tech players such as Apple, Google and Twitter, the DPC has been largely responsible for policing adherence to the EU’s landmark GDPR data rights charter.

The agency launched the WhatsApp probe in December 2018 to examine whether the messaging app “discharged its GDPR transparency obligations” with regard to telling users how their data would be used. 

This included information provided about the processing of information between WhatsApp and other Facebook companies.

[ Read: All Bark No Byte? Unease Over Irish Performance as EU’s Lead Data Watchdog ]

The DPC submitted its initial decision to other European regulators (CSAs) — whose approval is required — in December 2020 but received objections from eight of them. 

Unable to reach consensus, a dispute resolution process was launched in June.

The European Data Protection Board (EDPB) adopted a binding decision last month that instructed the DPC to increase the fine.

The DPC also “imposed a reprimand along with an order for WhatsApp to bring its processing into compliance by taking a range of specified remedial actions.”