– Instagram violated European Data Protection Rules
– META FINED €405 million
– one of the largest fines to date under the General Data Protection Regulation (G.D.P.R)
Ireland’s Data Protection Commission has held that Instagram violated European data protection rules by making the accounts of children aged 13 to 17 set to public by default, and for allowing teenagers with business accounts to make their email addresses and phone numbers public.
As Meta uses Ireland as its European headquarters, Ireland is tasked with policing the company’s compliance with G.D.P.R., the law enacted in 2018 to limit how companies collect and share people’s data.
Meta, the owner of Instagram, has been fined €405 million for the breach. The fine is the one of the largest under GDPR. In July 2021 Amazon was fined €746m in connection with its data processing practices.
Meta plans to appeal.
In response Meta points out: “This inquiry focused on old settings that we updated over a year ago, and we’ve since released many new features to help keep teens safe and their information private. Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them. While we’ve engaged fully with the DPC throughout their inquiry, we disagree with how this fine was calculated and intend to appeal it. We’re continuing to carefully review the rest of the decision.”
There are two legislative initiatives upgrading rules governing digital services in the EU: the Digital Services Act (DSA) and the Digital Markets Act (DMA) whose objectives include:
– To create a safer digital space in which the fundamental rights of all users of digital services are protected
– To establish a level playing field to foster innovation, growth, and competitiveness, both in the European Single Market and globally.
Under the new DSA companies are prohibited from using certain data to personalize advertising targeted at people under 18 years old.
Instagram has been under particular scrutiny in Europe and the United States for its policies related to children, including how its recommendation algorithm affects body image and self-esteem. President Biden has called for stronger child protections on social media.
In 2021 regulators fined Meta € 225 million for violations related to the messaging service WhatsApp for “severe” and “serious” infringements of GDPR.
In March, the authorities fined the company €17million over a data breach.
In a separate case, Meta may be forced to stop moving data from European users to the company’s U.S. data centres following a court decision that data from Facebook and Instagram users in Europe is not protected from US surveillance agencies that have legal access to information about international users.
Follow @AndrewEborn @OctopusTV