The privacy regulator imposed a record fine against the social network Instagram, after an investigation into its handling of children’s data. The decision is significant as it is the first to deal with children’s online right to privacy.
A spokesperson for the DPC explained “This Inquiry was commenced on 21 September 2020 on foot of information provided to the DPC by a third party, and in connection with processing identified by the DPC itself”.
The inquiry concerned children being able to open business accounts on Instagram, which sometimes “required and facilitated the publication, to the world-at-large, the child user’s phone number and/or email address”. Other times, a registration system for Instagram was setting the accounts of child users to “public” by default, making public the social media content of their pages.
A spokesperson for Meta stated the company intends to appeal the fine, claiming that the DPC’s investigation focused on settings that were updated over a year ago. They continued:
"Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them. While we’ve engaged fully with the DPC throughout their inquiry, we disagree with how this fine was calculated and intend to appeal it. We’re continuing to carefully review the rest of the decision.”
The record fine resulted after a consultation with other European data regulators, and comes after a €225 million fine for Whatsapp in 2021, and a €17 million fine on Facebook recently.
Original report here.