Numerous users complained previously about an update to the company’s terms raising concerns about the safety of their information.
Several users in Europe complained about an update to the terms of service which they believed would result in their accounts being blocked if they failed to accept those terms. Many of those users were under the impression that these new terms would result in their information being shared with Whatsapp’s parent company Facebook, which has since become Meta. Whatsapp commented on this matter in particular when addressing the amendments ordered by the Irish DPC. Whatsapp iterated in its statement; “This update does not change how we process, use or share user data with anyone, including Meta, nor does it change how we operate our service.” The company noted that users were not required or expected to agree to anything or take any action, and that messages on their platform continue to be end-to-end encrypted. This means that only the sender and receiver can read those messages.
Whatsapp was recently hit with the second highest fine in GDPR history after users complained about this update to the company’s terms.
In September, Whatsapp was hit with a record fine after an investigation into the company’s level of transparency with handling user information. The Irish DPC had originally proposed a fine of €30 million – €50 million, but after other EU regulators were consulted on a reassessment of the amount, the fine rose to €225 million. WhatsApp insists that it has always provided the required information to its users and is appealing this fine. The company has however included substantially more information to users about its use of their information, and how the company works with its parent company, Meta.
Does your company have all of the mandated safeguards in place to ensure compliance with the GDPR, Law Enforcement Directive and Data Protection Act 2018? Aphaia provides both GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing. We can help your company get on track towards full compliance. Contact us today.
- The risks associated with geolocation data: an assessment by LINC, CNIL - August 11, 2022
- CJEU ruling on special categories of personal data - August 9, 2022
- Fine imposed on Volkswagen by German Data Protection Commissioner for multiple GDPR violations - August 4, 2022