Germany's data regulator has banned Facebook from processing any data from WhatsApp users on the basis that its controversial new terms and service are illegal under GDPR.
Hamburg's Commissioner for Data Protection and Freedom of Information (DPA) issued an emergency order on Tuesday blocking Facebook from processing WhatsApp data "for its own purposes" for three months.
WhatsApp's privacy policy update has already been delayed due to the backlash from users but plans to share more data with its parent company, Facebook will be fully rolled out on 15 May.
The app already shares data with the social network and has done since 2016. However, it will now also share payment and transactional data in a bid to improve targeted advertising as the service moves towards online shopping.
''The order is intended to secure the rights and freedoms of the many millions of users who provided their consent to the terms of use throughout Germany," said Johannes Caspar, the head of the German data protection authority (DPA).
"The global criticism of the new terms of use should give rise to a fundamental rethink of the consent mechanism. Without the trust of users, no data-based business model can be successful in the long term.''
Facebook stated that it wouldn't share data with WhatsApp when it acquired the app in 2014, but it has struggled to make money from the service. Regulators in both India and Brazil have also taken similar regulatory action over the incoming policy change with the social network currently considering appeals.
In regards to the Hamburg DPA's order, WhatsApp said it is "based on a fundamental misunderstanding" of the purpose and effect of its update and therefore had no legitimate basis.
"Our recent update explains the options people have to message a business on WhatsApp and provides further transparency about how we collect and use data," a spokesperson for WhatsApp said. "As the Hamburg DPA's claims are wrong, the order will not impact the continued roll-out of the update. We remain fully committed to delivering secure and private communications for everyone."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
PowerEdge - Cyber resilient infrastructure for a Zero Trust worldWhitepaper Combat threats with an in-depth security stance focused on data security
-
Anticipate, prevent, and minimize the impact of business disruptionsWhitepaper Nine best practices for building operational resilience
-
Three steps to transforming security operationsWhitepaper How to be more agile, effective, collaborative, and scalable
-
Top ten ways to anticipate, eliminate, and defeat cyber threats like a bossWhitepaper Improve your cyber resilience and vulnerability management while speeding up response times
-
The complete SaaS backup buyer's guideWhitepaper Informing you about the realities of SaaS data protection and why an SaaS back up is essential
-
The 'cyber aSaaSin' manualWhitepaper Providing valuable insights to identify SaaS data enemies and win the battle against SaaS data threats
-
Best practices for Microsoft 365 business continuityWhitepaper Discover how to mitigate the effects of large-scale, high-cost data loss disasters
-
How to answer a tricky subject access request (SAR)Tutorials How do you prove a customer is who they say they are, and how much information should you provide?
