Amid public backlash, Instagram will be more strict about what it recommends to teen users, its chief executive said. — © AFP
The Irish Data Protection Commission on Monday said it had fined Instagram a record 405 million euros ($402 million) for violating children’s data rules.
“We made our final decision last Friday and it contains a €405 million fine,” the DPC said in a statement. Full details of the decision will be published next week, he added.
In late 2020, the DPC began investigating concerns about how the social media image-sharing platform handles children’s personal data.
The investigation focused on the “acceptability” of the Instagram profile and account settings for children, as well as the firm’s “responsibility to protect the data protection rights of children as vulnerable individuals.”
This was done in accordance with the General Data Protection Regulation (GDPR), the EU’s charter of data rights, which came into force in May 2018.
The GDPR gives data regulators the power to impose tough penalties for violations.
Since Instagram is owned by Meta, which has its European headquarters in Dublin, it is up to the DPC to enforce the rules.
Last year, he fined WhatsApp, also owned by Meta, a then-record €225 million for violating data protection rules.
Meta, which also owns Facebook, was fined 17 million euros in March for 12 data breaches.
When Meta contacted AFP, there was no immediate response.
But Irish public broadcaster RTE quoted a company spokesman as saying the Instagram request “focuses on old settings that we updated over a year ago.”
“Since then, we have released many new features to help keep teens safe and private,” they added.
“For anyone under the age of 18, when they join Instagram, their account automatically becomes private, so only people they know can see what they post, and adults can’t message teens who aren’t following them. “.
They added that the company does not agree with how the fine was calculated and plans to appeal.