Hi, what are you looking for?
Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.
By
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email
Social media giant Meta has been fined an additional 5.5 million euros ($5.9 million) for violating EU data protection regulations with its instant messaging platform WhatsApp, Ireland’s regulator announced Thursday.
The penalty follows a far larger 390-million-euro fine for Meta’s Instagram and Facebook platforms two weeks ago after they were found to have flouted the same EU rules.
In its new decision, the Irish Data Protection Commission (DPC) found the group acted “in breach of its obligations in relation to transparency,” the watchdog said in a statement.
In addition, Meta relied on an incorrect legal basis “for its processing of personal data for the purposes of service improvement and security,” the DPC added, giving the group six months to comply.
{ Read: Has Facebook Sidestepped GDPR’s User Consent Requirements? }
The fine was imposed by the Irish regulator because Meta — along with other US tech firms — has its European headquarters in Dublin.
In response on Thursday, Meta said it was opposed to the DPC decision and would look to overturn it.
“We strongly believe that the way the service operates is both technically and legally compliant,” a WhatsApp spokesperson said.
“We disagree with the decision and we intend to appeal.”
The breaches are similar to those explained in the regulator’s action against Meta earlier in January.
But the earlier decision also accused the Meta platforms of breaking rules over the processing of personal data for the purpose of targeted advertising.
In that instance the company, co-founded by social media magnate Mark Zuckerberg, was given only three months to respond to comply with the Irish regulator.
Meta announced its intention to appeal the 4 January decision, adding the regulatory ruling did not prevent targeted or personalised advertising.
The DPC said its more recent fine was considerably less because of a 225 million euro fine imposed on WhatsApp for “for breaches of this and other transparency obligations over the same period of time”.
Thursday’s Whatsapp fine was also far lower because it did not relate to targeted advertising.
The Irish regulator had fined Meta 405 million euros in September for failures in handling the data of minors, and 265 million euros in November for not sufficiently protecting users’ data.
This latest round of fines follows the adoption of three binding decisions by the European Data Protection Board (EDPB), the EU’s data protection regulator, in early December.
The Vienna-based privacy group NOYB, which brought the three complaints against Meta in 2018, had accused the social media behemoth of reinterpreting consent as a civil law contract, which stopped users from refusing targeted advertising.
In reaction to Thursday’s news, NOYB criticised the “tiny” size of the latest fine — and slammed the DPC for ignoring how WhatsApp shares data within the group for advertising purposes.
“We are astonished how the DPC simply ignores the core of the case after a 4.5-year procedure,” said NOYB founder Max Schrems.
In October 2021, the Irish authority had proposed a draft decision that validated the legal basis used by the group and suggested a fine of up to 36 million euros for Facebook and up to 23 million euros for Instagram, over their lack of transparency.
France’s CNIL regulator and other European bodies disagreed with the draft sanction, which they considered to be far too low.
They asked the EDPB to judge the dispute with the EU data regulator deciding in their favour.
The EDPB has also asked the Irish regulator to investigate Meta’s use of personal data.
However in its statement the DPC pushed back saying the the EU body does not have the power to “direct an authority to engage in open-ended and speculative investigation”.
The regulator said it will seek to annul the EDPB’s request before the European Union’s Court of Justice.
AFP 2023
Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.
Join this webinar to gain clear advice on the people, process and technology considerations that must be made at every stage of an OT security program’s lifecycle.
This presentation will provide an overview of the security risks associated with SaaS, best practices for mitigating these risks and protecting data, and discuss the importance of regularly reviewing and updating SaaS security practices to ensure ongoing protection of data.
While there are many routes to application security, bundles that allow security teams to quickly and easily secure applications and affect security posture in a self-service manner are becoming increasingly popular. (Joshua Goldfarb)
Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies. (Marc Solomon)
No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base. (Derek Manky)
Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud, and edge. (Matt Wilson)
How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers. (Landon Winkelvoss)
Flipboard
Reddit
Pinterest
Whatsapp
Whatsapp
Email
The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often…
U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.
Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta…
Many in the United States see TikTok, the highly popular video-sharing app owned by Beijing-based ByteDance, as a threat to national security.The following is…
As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for…
For the past seven months, the Tor network has been hit with numerous DDoS attacks, some impacting availability.
The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.
The EU’s digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms…
Got a confidential news tip? We want to hear from you.
Reach a large audience of enterprise cybersecurity professionals
Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.
Copyright © 2023 Wired Business Media. All Rights Reserved.
Leave a Reply