Meta’s instant messaging app was fined 5.5 million euros for violating the GDPR. This sanction comes a few days after a sanction of 390 million euros.
Meta, Facebook’s parent company, received a new fine of 5.5 million euros from the Irish regulator on Thursday January 19 for violating the European Data Regulation (GDPR) by its WhatsApp messaging service, after a penalty of 390 million euros. euros at the beginning of January.
In this new decision, the Irish Data Protection Commission (DPC), which acts on behalf of the EU, found in particular that the digital giant acted “in breach of its transparency obligations”, indicated the regulator in a press release.
A hit to Meta’s ad revenue
In addition, Meta was relying on an erroneous legal basis “for its processing of personal data for the purpose of improving the service and security”, continues the DPC, which gives the American group six months to “put its data processing operations data in accordance”. This sanction is based on similar grounds to the one adopted at the beginning of the month, which targeted the Meta subsidiaries, the social networks Facebook and Instagram.
But the decision adopted at the beginning of the month also accused these Meta subsidiaries of failures related to the processing of personal data for the purposes of targeted advertising, a decision likely to inflict a blow to the advertising revenue of the group.
Meta, however, immediately announced its intention to appeal and was quick to add that the penalty did not prevent targeted or personalized advertising.
A lack of transparency already sanctioned in 2021
The fine is much lower this time, in particular because it does not relate to questions of targeted advertising, but also because “the DPC had already imposed a very substantial fine of 225 million euros on WhatsApp” for facts which related “to the same period”, she argues.
The regulator had in fact imposed a heavy penalty on WhatsApp in September 2021 for having failed in its transparency obligations, in particular on data transfers to other companies in the group.
The Irish policeman had also sentenced the Californian giant in September to a fine of 405 million euros for failures in the processing of minors’ data, and in November to the tune of 265 million euros for not having sufficiently protected the data. of its users.
This new series of fines imposed in January follows the adoption in early December of three binding decisions by the European Data Protection Board (EDPB), the European regulator of the sector.
