On April 25, the Irish Data Protection Commission (DPC) announced the launch of an investigation to determine whether Facebook had acted in compliance with the GDPR, after the company found that hundreds of millions of user passwords were stored in plain text in its servers. According to the Irish Times, The DPC has eight active statutory investigations into Facebook, and a further three into Instagram and WhatsApp, which are both owned by Facebook.
Privacy and data protection are two interrelated Internet governance issues. Data protection is a legal mechanism that ensures privacy. Privacy is usually defined as the right of any citizen to control their own personal information and to decide about it (to disclose information or not). Privacy is a fundamental human right. It is recognised in the Universal Declaration of Human Rights, the International Covenant on Civil and Political Rights, and in many other international and regional human rights conventions. The July 2015 appointment of the first UN Special Rapporteur on the Right to Privacy in the Digital Age reflects the rising importance of privacy in global digital policy, and the recognition of the need to address privacy rights issues the the global, as well as national levels.