WhatsApp has been fined €225m (£193m) by Irish authorities for failing to tell some users how much data was shared with Facebook.
The fine came after European privacy authorities intervened in Ireland’s investigation into the Facebook-owned app, forcing it to increase its planned penalty.
The fine is the second biggest issued under the General Data Protection Regulation, which was introduced in 2018 and requires technology companies to gain clear consent from users for many forms of data gathering.
The Irish watchdog found that WhatsApp had gathered data from non-users without their consent when users agreed to share their contact details, and how much data was shared between WhatsApp and Facebook.
Helen Dixon, Ireland’s data commissioner, said WhatsApp had only provided about a third of the required consent data for users of its service, which she called “a very significant level of non-compliance”.
However, the regulator’s draft decision was opposed by eight of Europe’s privacy watchdogs, which called for stiffer punishments for WhatsApp.
Its international business is based in Ireland and the nation is home to many foreign technology companies that have taken advantage of its low tax rates.
Ms Dixon had proposed a fine of €30m to €50m, but fellow regulators demanded the penalty be increased. The decision was referred to the European Data Protection Board, which called for the Irish regulator to “reassess and increase its proposed fine”.
It also dwarfs the €450,000 fine imposed by the Irish regulator on Twitter last year, which had been its highest penalty.
WhatsApp plans to appeal the fine. “WhatsApp is committed to providing a secure and private service. We have worked to ensure the information we provide is transparent and comprehensive and will continue to do so," a spokesman said.
“We disagree with the decision today regarding the transparency we provided to people in 2018 and the penalties are entirely disproportionate.”