The Irish Data Protection Commission has fined Meta €405 million after an investigation into how it handled data from teenagers in the European Union.
Instagram just received one of the highest fines under the European Union’s General Data Protection Regulation. The Irish data protection watchdog has fined Instagram 405 million euros for its handling of teenagers’ personal data on its platform.
The fine, which is the second highest under the GDPR after the 886 million euro penalty imposed on Amazon last year, is the third imposed by the Irish regulator on a company owned by Meta. We remember that the group has already had to pay a fine of 17 million euros at the beginning of the year for other breaches of the European GDPR, and another fine of 60 million euros for its management unbalanced advertising cookies.
What does the regulator blame Instagram for?
The Irish regulator launched an investigation into the app two years ago, due to publicly available phone numbers and email addresses from teenagers having professional accounts on the platform and the presence of default public accounts for children aged 13 to 17.
Until last summer, Instagram presumably automatically shared children’s contact information if they ran a business or creator account, which allowed adults to contact themr. This practice would have impacted millions of children in the European Unionbut no precise figures were given.
Meta said in a statement that it updated the public default over a year ago, and that ” anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teenagers who don’t follow them “. Meta would not disagree with the way this fine was calculated and would intend to appeal.