The fine issued by the DPC was the second-largest ever in relation to GDPR. WhatsApp was criticized and penalized for failing to meet transparency obligations under the privacy rules. Announcing the policy tweaks, WhatsApp says:
We know that privacy is a top concern for our users, so we want to be very clear: this update does not change the way we operate our service, including how we process, use or share your data with anyone, including our parent company Meta."
The company says that with the update it merely wants to "add additional detail around our existing practices".
WhatsApp users in affect territories will see a banner notification in the app inviting them to read the 12,000-word, 35-page policy document. Because there are no material changes to policy, users will not have to agree to anything new in order to continue using the service.
Analysis: privacy, globally
The problems faced by Meta for its WhatsApp, Facebook and other services highlight the difficulty of operating a global technology company that needs to comply with different privacy laws and other regulations around the world. For such a massive company, even a large fine such as the one issued by the Irish Data Protection Commission is really pockets change, and in no way serves as a deterrent against further breaches.
However, even mighty organizations like Meta can be forced to make changes if they want to operate in certain markets, and this is what has happened here. The increase public scrutiny legal action places on firms also plays a vitally important role in encouraging good behavior and best practice.