The company says that the update doesn’t change how it handles user data, but meets the demands of European Union privacy regulators about how transparent it is about this handling.
At its core, the ruling in September said that Meta (then Facebook) failed to adequately inform individuals of which jurisdictions WhatsApp processes users’ data in and how it identifies people in their contacts books.
The new policy takes effect in the UK as well as other European jurisdictions that have adopted the European Union’s General Data Protection Regulations (GDPR).
What did WhatsApp do wrong?
The fine was (and remains) the highest ever issued by the Irish DPC, which is the EU’s lead privacy regulator for Meta as the company’s European operations are based in Dublin.
It was issued after the European Data Protection Board (EDPB) in Brussels was called in to settle a dispute about WhatsApp between several EU privacy watchdogs to ensure the law was being interpreted the same way across the whole of the bloc.
The EDPB published a technically-detailed binding decision in July explaining why WhatsApp was not compliant with the GDPR, and recommended to the Irish DPC that it impose a record fine on the company.
“We disagree with the decision and are appealing because we believe we already provided the required information to all our users,” the spokesperson added.
“This update does not change our commitment to user privacy or the way we operate our service, including how we process, use or share your data with anyone, including Meta.
“Wherever you are in the world, we protect all personal messages with end-to-end encryption, which means no one, not even WhatsApp, can read or listen to them,” they added.