Facebook-owned WhatsApp has been fined €225 million ($267 million) for breaking the European Union’s data privacy rules. Ireland’s Data Protection Commission (DPC) announced the decision in an 89-page summary (PDF), noting that WhatsApp did not properly inform EU citizens how it handles their personal data, including how it shares that information with its parent company.
A WhatsApp spokesperson said in an email to The Verge that the company will appeal the decision.
“WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so,” the spokesperson said. “We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”
The decision by the DPC began with an investigation in 2018 and is the second-largest fine levied under GDPR regulations. In July this year, Amazon was fined a record $887 million for breaching the EU privacy laws.