Right, because the personal information is being transmitted outside the EU. Even if it's from a browser in the EU to a server in the US, that still counts. It's still an activity taking place in the EU.
The Brazilian case isn't about data transmission though. WhatsApp isn't in breach of any rules about that. It's about court ordered access to records stored on an server in a specific geographic location - The USA. Now if the Brazilian government passed a law requiring WhatsApp to record all data on servers in Brazil that would at least be possible to comply with.
The Brazilian case isn't about data transmission though. WhatsApp isn't in breach of any rules about that. It's about court ordered access to records stored on an server in a specific geographic location - The USA. Now if the Brazilian government passed a law requiring WhatsApp to record all data on servers in Brazil that would at least be possible to comply with.