|
Facebook’s messaging service WhatsApp is reported to be facing a fine of up to €50m for data protection breaches under Europe’s GDPR.
The Irish regulator has been investigating WhatsApp for compliance with GDPR transparency requirements since 2018, and in particular whether it informed users that their data could be shared with owner Facebook.
As lead supervisor in the cross-border WhatsApp case, the Irish Data Protection Commission confirmed it sent draft proposals on GDPR enforcement action to Europe’s other data protection regulators just before Christmas.
Ireland’s Data Protection Commission fined Twitter €450,000 in December after it failed to notify the regulator of a data breach within the GDPR deadline. Speaking at an event in Dublin last month, deputy commissioner John O’Dwyer said WhatsApp would face a far larger fine because of the nature of the breaches.
Facebook has set aside €300m for regulatory fines in Europe this year and almost €78m for WhatsApp. WhatsApp is reported to have lost as many as 20 million users in the past few weeks after it made clear its intention to share more data from users outside the EU with Facebook.
Google currently holds the record for the largest GDPR fine at €50m, levied by French regulator CNIL in 2019.