A spokesman for the Data Protection Commission said Monday that the agency has ended its investigation into WhatsApp and Twitter and issued that WhatsApp and Twitter may violate EU data privacy regulations. Graham Doyle, head of the agency’s communications department, said the investigation is now in the decision-making phase.
In the next phase, Ireland’s chief data regulator, Helen Dixon, will issue a draft decision, which is expected to be announced before the end of the year. This will be the first time Ireland has made a decision related to US multinationals since the EU’s General Data Protection Regulations (GDPR) came into effect in May 2018.
In its draft decision, if the two companies violate the data privacy rules, Dixon will determine that they are fined. It is reported that companies that violate the European Data Privacy Act may be fined 4% of their global annual income. For Facebook, based on its 2018 revenue, this could mean it would face more than $2 billion in fines.
Before making a decision, Dixon asked Facebook and Twitter to provide more information. Before making the final decision, her draft decision will be submitted to other EU regulators for feedback.
Currently, both Facebook and Twitter declined to comment.