The Irish Data Protection Commission fined Meta €405 million following an investigation into how the company handled teens’ data on Instagram.
The investigation began almost 2 years ago and focused on cases where the company allegedly violated GDPR (General Data Protection Regulation) rules. For example, the social network Instagram allowed young users aged 13-17 to create business accounts on the platform, which made the contact information of these users publicly available. Sometimes users prefer to switch to business accounts as it gives them access to more analytics. Instagram also allegedly made the accounts of some young users public by default. Detailed information about the decision will be published at the end of this week.
This is the third and largest fine imposed by the Data Protection Commission on Meta. The previous fine of €225 million was imposed due to violations in informing WhatsApp users about how the service collected, used and shared their data. Another €17 million in fines were imposed for problems with keeping records of security breaches. The commission is also leading dozens of other investigations against major tech companies, including several more related to Meta’s data practices.
Meta said it disagreed with how the penalty was calculated and intends to appeal it. The company also claims that it updated the default public setting more than a year ago and now “any person under the age of 18 automatically becomes a private account when they join Instagram.” Also, adults can’t send messages to teens who aren’t following them.
Replacing harmful content with neutral and “rest” from the platform – Instagram will launch new features for teenagers
Source: The Verge