Social media giant Meta has been fined an additional 5.5 million euros (about Rs 47.8 billion) for breaching EU privacy rules with its instant messaging platform WhatsApp, the Irish said regulator on Thursday.
The fine follows a much larger fine of 390 million euros (approximately Rs. 3,429 billion). meta Instagram and Facebook Platforms two weeks ago after being found to have breached the same EU rules.
In his new decision, the Irish Data Protection Commission (DPC) noting that the group “has breached its obligations regarding transparency,” the watchdog said in a statement.
In addition, Meta invoked an incorrect legal basis “for processing personal data for the purpose of service improvement and security,” the DPC added, giving the group six months to do so.
The fine was imposed by the Irish regulator because Meta – along with other US tech companies – has its European headquarters in Dublin.
In response, Meta said Thursday she opposed the DPC decision and would seek to overturn it.
“We firmly believe that the functioning of the service is both technically and legally compliant”, a Whatsapp spokesman said.
“We do not agree with the decision and intend to appeal.”
The violations are similar to those declared in the regulator’s lawsuit against Meta in early January.
However, in the earlier decision, the meta-platforms were also accused of violating rules on the processing of personal data for the purpose of targeted advertising.
In this case, the company, co-founded by social media magnate Mark Zuckerberg, had just three months to respond to comply with Irish regulator requirements.
Meta announced its intention to appeal the Jan. 4 decision, adding that the regulatory ruling did not prevent targeted or personalized advertising.
The DPC said its latest fine was significantly less as WhatsApp was fined 225 million euros (about Rs 1,978 billion) for “breaching these and other transparency obligations in the same period”.
Thursday’s WhatsApp penalty was also significantly lower because it was not related to targeted advertising.
Irish regulators fined Meta €405 million (approx.
This latest round of fines follows the adoption of three binding decisions by the European Data Protection Board (EDPB), the EU’s data protection authority, in early December.
The Viennese data protection group NOYB, which brought the three lawsuits against Meta in 2018, accused the social media giant of reinterpreting consent into a civil law contract that prevents users from opting out of targeted advertising.
In response to Thursday’s news, NOYB criticized the “tiny” size of the latest fine – and slammed the DPC for ignoring how WhatsApp shares data within the group for advertising purposes.
“We are amazed how the DPC simply ignores the core of the case after 4.5 years of proceedings,” said NOYB founder Max Schrems.
In October 2021, the Irish Authority had issued a draft decision validating the legal basis used by the group and imposing a fine of up to 36 million euros (about 3.16 billion rupees) for Facebook and up to 23 million euros (about 202 crore) for Instagram for their lack of transparency.
The French regulator CNIL and other European bodies disagreed with the draft sanctions, believing them to be far too low.
They asked the EDPB to adjudicate the dispute with the EU data regulator, which ruled in their favour.
The EDPB has also asked the Irish regulator to investigate Meta’s use of personal data.
However, in its statement, the DPC refuted it, saying the EU body does not have the power to “direct any authority to engage in open-ended and speculative investigations”.
The regulator said it would seek to have the EDPB’s application null and void before the Court of Justice of the European Union.
