Let us tell you WhatsApp – we don’t want to pay that €225m GDPR fine • The Register

WhatsApp has been slapped with a fine of €225m [PDF] following a long and drawn out investigation into whether it had provided the necessary data protection information to users under the EU General Data Protection Regulation (GDPR).

The fine – along with a slap on the wrist – has been imposed by the Data Protection Commission (DPC), the national independent authority in Ireland responsible for personal data protection in the EU.

It’s reported to be the heftiest fine ever issued by the DPC and the second-largest handed out under EU data protection laws.

WhatsApp, however, has already said it intends to appeal the decision and believes the fine is “entirely disproportionate.”

In a statement, a spokesperson for the company told The Reg: “WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so.

“We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate. We will appeal this decision.”

In what has proved to be a highly technical ruling dating back to 2018, the DPC said the case examined whether WhatsApp has “discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp’s service. This includes information provided to data subjects about the processing of information between WhatsApp and other Facebook companies.”

As well as the fine, the DPC has also ordered WhatsApp to take “a range of specified remedial actions” which some sources claim could make privacy policies even less user friendly.

If nothing else, WhatsApp is not alone. In July, Amazon said that an EU privacy watchdog had issued an $885m fine for failing to comply with…