Instagram fined €405m in Ireland for privacy violations of children

Irish regulators, after a two-year investigation, have fined Instagram-owner Meta (recognized as an extremist organization in Russia) €405 million for violating the EU’s general data protection regulation, reports The Guardian. According to the Irish Data Protection Commission (DPC), Instagram allowed users aged 13-17 to create business accounts, and such accounts leave the user’s phone numbers and email addresses publicly available. In addition, the user registration system on Instagram made the accounts of users of this age group public by default.

The penalty imposed is the largest Meta has ever received from the DPC. In September 2021, Meta was fined €225 million by the DPC for “extremely serious” violations of WhatsApp’s GDPR. Another €17 million fine was imposed on Meta in March.

Commenting on the fine, Meta representatives explained that the investigation involved old Instagram settings and settings that had already been changed over a year ago. “Since then, we have already installed many new options that help protect teenagers and their personal data,” the company said. Now, when users under 18 open an account, they are closed by default. Meta expressed disagreement with the size of the imposed fine and intends to appeal against it in the near future.

Alena Miklashevskaya