Ireland’s privacy watchdog has fined Meta Platforms for sharing personal information of underage Instagrammers. In addition, Meta is required by the Irish Data Protection Commission (DPC) to implement a number of corrective measures. Among other things, to prevent repetition, but above all to better guarantee the privacy of (underage) Instagrammers and to ensure that Meta adheres to the applicable privacy rules. The fine that Meta has to cough up amounts to 405 million euros.
Mail addresses and telephone numbers public
Research, conducted in 2020, showed that Instagram’s registration process was shaky. The e-mail address and telephone number of users who created a so-called business Instagram account were revealed. This privacy violation also affected underage users, which, according to the DPC, is in violation of European privacy legislation (GDPR).
“In particular, the investigation focused on the disclosure of email addresses and/or phone numbers of children using the Instagram feature for business accounts and a default setting for children’s personal Instagram accounts,” the DPC said in a press release.
Meta has lodged an objection after the DPC has established the privacy violation of underage users. The Irish privacy authority, together with privacy regulators from other European countries, subsequently investigated whether Meta’s objection was justified or not.
Well, the regulators have now concluded that this is not the case and the fine is therefore definitively imposed. It is not the first time that Meta or any other tech giant has been attacked by European privacy watchdogs. For example, Amazon was already fined almost three quarters of a billion and WhatsApp, also from Meta, had to tap 220 million a year ago for an AVG violation.