Ireland's Data Protection Commission completed its inquiry into Meta platform’s WhatsApp, and fined the company 5.5 million euros related to forced user consent for the processing of their data 19 Jan. The DPC said the fine was significantly less than recent fines issued to Facebook and Instagram because WhatsApp was fined 225 million euros in 2021. However, the DPC decision did not resolve its ongoing jurisdictional fight with the European Data Protection Board related to the EDPB's ability to mandate the scope of a member state's data protection inquiry. IAPP Staff Writer Alex LaCasse has the details.
Complex, fundamental questions within decisions
As more details unfold within the Irish DPC and EDPB’s published Meta decisions, the privacy community is grappling with complex and fundamental questions surrounding legal bases for data processing, transparency within privacy notices, uncertainty around EU General Data Protection Regulation compliance, and more. IAPP Staff Writer Jennifer Bryant hears from privacy professionals about the impacts stemming from the authorities' decisions that Facebook and Instagram's contract basis for seeking user permission to collect data for personalized advertisements is invalid.
Immediate, future impacts
There is much to unpack with the DPC's decisions against Meta resulting in a 390 million euro fine and forthcoming practical changes to the company's targeted advertising model. Reconsideration of legal bases for processing and the processing activities themselves are among the key points the decisions raise. Fox Rothschild Partner Odia Kagan, CIPP/E, CIPP/US, CIPM, FIP, PLS, runs down her top takeaways from the enforcement action.
If you want to comment on this post, you need to login.