WhatsApp has just been fined 225 million euros by the Irish Data Protection Commission (DPC). Because the Facebook-owned messaging company is considered to have violated the European Union's data protection rules.
It is the largest fine ever issued by the DPC and the second largest ever imposed on an organization under European Union data protection laws.
The fine follows an investigation that began on December 10, 2018. The DPC investigation checks whether WhatsApp is transparent in its handling of user and non-user data. Investigators are monitoring how data is processed between WhatsApp and another company owned by Facebook.
Investigators also observed how WhatsApp collects, stores and shares user data. In addition to ensuring that WhatsApp's policies regarding data usage are clearly communicated.
After more than two years of investigation, the results of the investigation contained in a PDF file of more than 260 pages assessed that WhatsApp failed to fulfill the transparency obligations of the General Data Protection Regulation (GDPR).
In addition to administrative fines, DPC has also issued a strike and an order for WhatsApp to update its privacy policy and change the way it notifies users about data sharing. This must be done within three months.
Responding to the DPC's decision, WhatsApp did not agree with the decision, they also considered the fine given to be disproportionate. Therefore, WhatsApp intends to appeal the decision.
"WhatsApp is committed to providing a secure and private service," the company said in a press statement. "We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so. We disagree with today's decision on transparency that we gave people in 2018 and the penalties are wholly disproportionate."
