Did you know that not being transparent about what your company is doing with users’ data can be as bad as suffering a data breach? The new WhatsApp GDPR fine is an example of that.
Whatsapp is the latest example of what non-compliance could mean. They failed to comply with the Transparency Principle and now are facing a €225million fine.
Understanding Transparency in GDPR and the WhatsApp Fine
The most curious thing about this principle is that it may manifest in ways people do not usually expect. Transparency is not only about providing information, it’s also about how this information is provided.
WhatsApp, for example, did provide information about what they were doing with users’ data. However, their users were often required to jump through multiple links to get the material they were looking for on the WhatsApp website, which became a needlessly frustrating exercise.
The language used was also a problem because it left the reader questioning what exactly is meant by “Facebook Companies,” one of the biggest conglomerates of the globe.
Another finding of the investigation was that the company often used multiple bases to “ground” certain processing operations. This kind of ambiguity could lead to a great deal of confusion.
Even non-users had their rights crippled. The ‘Contact Feature’ on the app-enabled WhatsApp to access a user address book and the phone numbers of those people. The company failed to inform the non-users about this access and its purpose.
So what can we draw from this?
- Always share the information required by the legislation
- Concentrate this information in one single document
- Use clear and plain language
- Avoid ambiguity
- Address the rights of non-users whose data you may have access
Finally, remember that honesty and transparency have always been the best way to get consumers’ trust. You can only win by using this approach.
Not sure if your business has been properly complying with personal data lately? Contact us today, and let’s find out!