Facebook-owned messaging application WhatsApp, after receiving a €225,000,000 fine 2 days ago by the Irish DPC, the European Union Chief Data Officer, for not complying with the standard required by the European General Data Protection Regulation (GDPR), was the Personal Data Protection Authority in Turkey yesterday. He was fined 1,950,000 TL.
These penalties came just after WhatsApp CEO Will Cathcart recently shared his "privacy concerns" regarding the Apple Child Abuse Kit.
https://bit.ly/38IIRop
https://bit.ly/38IIVVb
The Personal Data Protection Authority Also Announced That It Penalized WhatsApp
In the Decision of the Institution; The element of expressing explicit consent with free will is damaged; The terms of "transfer" in the Terms of Service and Privacy Policy are presented by the data controller as non-negotiable, and the data subjects are compelled to approve the contract as a whole; These behaviors of the data controller constitute a violation of the principle of compliance with the law and the rules of honesty; There is no proportional and limited information for the purpose for which the data is processed, and it is not clearly stated in the aforementioned texts which data will be transferred for what purpose; An administrative fine of 1,950,000 TL was imposed on Whatsapp, the Data Controller, on the grounds that the data controller did not obtain explicit consent from the relevant persons regarding the personal data processing activity to be carried out through cookies for profiling purposes, and that the personal data processing activity carried out within this scope is not in accordance with the law. Since it is understood that the Terms of Service and Privacy Policy texts dated 04.01.2021 are currently available to users as valid versions, it has been decided by the KVKK to make the said texts compatible with the Law within three months in order to inform the relevant persons correctly.
WhatsApp fined 225 million Euros
The Irish Data Protection Commission (DPC) has fined WhatsApp 225 million euros. The Facebook-owned messaging app has been launched by the Irish DPC, chief data officer in the European Union, since December 2018 – a few months after the first complaints were sent to WhatsApp about how it processes user data under Europe's General Data Protection Regulation (GDPR). under investigation. DPC's decision on September 2, 2021 (266 pages) indicates that WhatsApp is not up to the standard required by GDPR. In the investigation, it was evaluated whether WhatsApp fulfilled its transparency obligations towards both its users and those who do not use its service. For example, if a user agrees to receive the phone book containing other people's personal information, WhatsApp can upload non-user phone numbers. In summary, DPC has identified a number of transparency violations by WhatsApp. In addition to a massive financial penalty, he ordered WhatsApp to take a series of measures to improve the level of transparency it offers to users and non-users - giving the tech giant a three-month deadline to make all ordered changes. In a statement responding to the DPC's decision, WhatsApp contested the findings and described the penalty as "totally disproportionate" - further confirming that it will appeal, writing: WhatsApp is committed to providing a secure and private service. We have worked and will continue to work to ensure that the information we provide is transparent and comprehensive. We disagree with today's decision on the transparency we provide to people in 2018 and consider the penalties to be completely disproportionate. We will appeal this decision. It is worth emphasizing that the scope of the DPC investigation, which was finally agreed today, is limited to looking only at WhatsApp's transparency obligations. The regulator did not openly examine broader complaints about WhatsApp's alleged legal basis for processing people's information in the first place – which has also been raised against Facebook's data-mining empire for more than three years. Therefore, DPC will continue to face criticism for both the speed and approach of GDPR implementation.
Source:
techcrunch.com
