The European Union’s privacy watchdog, EDPB, gave the Irish data protection agency a month to decide a long-delayed case on compliance by WhatsApp. The other agencies rejected the Irish watchdog’s draft findings and fines, prompting the ultimatum on Wednesday.
The Irish agency, which leads oversight on Facebook, since the company’s EU headquarters are in the country, has been investigating the social media giant’s WhatsApp platform to see if it complies with transparency laws outlined in the bloc’s GDPR privacy rules.
The agency sought feedback from its counterparts in December but could not reach a consensus about the draft decision.
Taking it to the top dog
The other national agencies objected to the types of infringements identified by their Irish peer, whether the specific data in question was private user data and the appropriateness of the fines.
The Irish agency said that it would not follow the objections and referred them to the top watchdog, the EDPB.
On Wednesday, the overarching body reached a decision regarding the disagreements, but did not disclose details, saying the IE SA shall adopt its final decision, addressed to the controller, based on the EDPB decision, without delay and “at the latest one month’ after notification.
It is not too surprising that the country with the most favourable tax laws in the EU houses the largest multinational tech companies.
Reasonably speaking, the Irish agency would want to protect the relationship it has with these highly profitable companies, which could explain why it has been lagging in making a decision.
The delay received criticism from other watchdogs who were concerned by how long it was taking to wrap up the case, as well as the size of the fines proposed.