The long running dispute between WhatsApp, Facebook and the Information Commissioner's Office (ICO) over how the messaging platform and social network share data has finally come to an end.
The ICO announced that it has closed its investigation into that matter due to the fact that the two companies only share user data for basic data processing. WhatsApp has also agreed to and signed an undertaking in which it has agreed not to share any data with Facebook until both companies can do so in a way that is complaint with GDPR.
Neither company will be fined by the ICO since sharing personal data between businesses is allowed when the right legal requirements are followed.
Commissioner Elizabeth Denham offered further insight on the outcome of the investigation and on why the ICO decided to issue an undertaking to WhatsApp in a letter to the company, saying:
“I reached the conclusion that an undertaking was the most effective regulatory tool for me to use, given the circumstances of the case. As WhatsApp has assured us that no UK user data has ever been shared with Facebook (other than as a ‘data processor’, as explained below), I would not be able to meet the criteria for issuing a civil monetary penalty under the Data Protection Act.”
WhatsApp and Facebook can serve as an example for other businesses preparing to comply with GDPR to illustrate the point that it is perfectly okay for two organisations to share data when one businesses acts as a data processor to provide a support service to another.
Image Credit: Endermasali / Shutterstock