WhatsApp fined $267 million for breaching EU privacy law

WhatsApp, which Facebook owns, has been fined €225 million ($267 million) for violating European Union data privacy rules.

In an 89-page summary (PDF), Ireland’s Data Protection Commission (DPC) published the judgment, stating that WhatsApp failed to adequately notify EU residents about handling their data, mainly how it shares that data with its parent firm.

WhatsApp has been required to revise its already extensive privacy policy and adjust how it alerts users when their data is shared. This will bring it into conformity with the General Data Protection Regulation (GDPR), which controls how digital businesses collect and handle data in the European Union.

GDPR went into effect in May 2018, and WhatsApp was one of the first businesses to face privacy litigation due to the new regulation.

The DPC’s judgment follows an inquiry that began in 2018 and is the second-largest fine imposed under GDPR legislation. Amazon was fined an all-time high of $887 million in July for violating EU privacy laws.