EU Regulators Fine WhatsApp $266 Million for GDPR Violations
The Robins Kaplan Privacy Pulse
September 10, 2021
On September 2, 2021, EU regulators fined Facebook-owned chat service, WhatsApp, £225 million (around $266 million) for failing to fully disclose its user data collection and sharing practices. This is the second largest fine since EU regulators began enforcing the General Data Protection Regulation in mid-2018.
Ireland’s Data Protection Commission, which leads GDPR enforcement efforts for Facebook due to its European headquarters in Dublin, was the issuing body for this landmark decision. Initially, the Commission had proposed a £50 million fine, but following objections from eight EU watchdogs, a board of all EU regulators voted to increase the fine.
WhatsApp has three months to bring its privacy and user notification policies into compliance with the GDPR. A WhatsApp spokesperson, however, has said the company will appeal the decision. The appeal can be lodged either in Irish courts or directly with the EU’s Court of Justice, since a board representing all EU privacy regulators voted on the decision.
The Robins Kaplan Privacy Pulse blog features privacy and cybersecurity litigation topics including the latest news in cybersecurity law and policy, privacy legislation, and other related cyber topics making headlines.
If you are interested in having us represent you, you should call us so we can determine whether the matter is one for which we are willing or able to accept professional responsibility. We will not make this determination by e-mail communication. The telephone numbers and addresses for our offices are listed on this page. We reserve the right to decline any representation. We may be required to decline representation if it would create a conflict of interest with our other clients.
By accepting these terms, you are confirming that you have read and understood this important notice.