using website header

Connected: Display Connected: Media Landscape Connected: Regional Connected: AV Consumer Surveys Connected: Direct LinkedIn LinkedIn logo icon Twitter Twitter logo icon Youtube Youtube logo icon Flickr Flickr logo icon Instagram Instagram logo icon Mail Mail icon Down arrow
Ella Sagar 

WhatsApp updates privacy policies after second largest fine in GDPR history

WhatsApp updates privacy policies after second largest fine in GDPR history

WhatsApp has updated its privacy policy for its European users after being given a record €225m GDPR fine.

On 22 November the messaging platform confirmed the policy will not change their service or how it handles user data but will provide more details about how users' personal information is passed to its parent company Meta, which also owns Instagram and Facebook.

This clarification will only appear on its European version of the privacy policies and does not require users to agree or take action.

The privacy policy update came after "a lengthy and comprehensive investigation" by the Irish Data Protection Commission (DPC) and a binding decision from the European Data Protection Board (EDPB) on 28 July that the DPC reassess the case and increase WhatsApp's proposed fine for not being "transparent about sharing data with their parent company".

Subsequently, DPC imposed its largest ever GDPR fine on the Meta company and the second-highest under EU GDPR rules after Amazon was fined $886.6m by Luxembourg's National Commission for Data Protection earlier this year.

The DPC also imposed "a reprimand" along with the fine ordering WhatsApp to "bring its processing into compliance by taking a range of specified remedial actions" for the GDPR breach.

The data authority stated they had found violations in how WhatsApp had explained how processed users and non users' data was processed.

WhatsApp privacy policy still has end-to-end encryption

On its Help Center, WhatsApp specifies that it shares certain categories of information with Meta Companies like account registration information, transaction data, service-related information, mobile device information, business interactions on its services and other points of information based on consent.

However, it does emphasise that this content is not applicable to users in the European region and that it will "always protect personal conversations with end-to-end encryption, so neither Whatsapp nor Meta  can see these private messages".

This limitation also applies to logs of messaging and calling, shared locations and contacts per its update in January of this year.

This latest privacy ruling comes as a key European regulator was about to rule IAB Europe's Transparency & Consent Framework illegal earlier this month.

Whatsapp is appealing the decision by the EDPB and DPC.

Leave a comment

Thank you for your comment - a copy has now been sent to the Mediatel Newsline team who will review it shortly. Please note that the editor may edit your comment before publication.

Media Jobs