On September 2, 2021, the Irish Data Protection Authority (DPA) has imposed a fine of €225 million on WhatsApp.
Whatsapp – GDPR : The Irish DPA Issues a €225 million Fine for Lack of Transparency
Facebook – Whatsapp: The EDPB requires the Irish SA to carry out statutory investigation on Facebook
On July 15, 2021, the European Data Protection Baord (EDPB) adopted its first urgent binding decision in application of Art. 66(2) GDPR following a request from the Hamburg supervisory authority.
In this case, the Hambourg Authority ordered a ban on processing WhatsApp users’ data by Facebook Ireland for their own purposes following a change in the Terms of Service and Privacy Policy applicable to European users of WhatsApp Ireland Ltd.
However, under article 66 GDPR, as the Irish supervisory authority is the the lead supervisory authority in this matter, the Hamburg Authority needed the validation of the EDPB for these provisional measures to become final.
The EDPB rejected the Hamburg Auhtority’s request but requires further investigations to be carried out on Facebook and Whatsapp Ireland.
Whatsapp Backdoor Loophole Explained by the Guardian
The Guardian has recently revealed that there were vulnerabilities into the Whatsapp encryption system. Indeed, because of re-sending system that would change the encryption keys each time a user reply to a message, government agencies could access any message sent.