Instagram has been heavily fined by Irish regulators after an investigation revealed that the social media platform mismanaged the confidential information of teenagers in breach of the European Union’s strict data protection rules. The fine is the second largest imposed under the EU’s stringent privacy rules, following a 746 million euros fine imposed by Luxembourg regulators last year.
The Irish Data Protection Commission said in an email on Monday that it made a decision last week to fine Instagram 405 million euros ($402 million) after investigating how Instagram misrepresented personal information about users aged 13 to 17, such as email addresses and phone numbers.
The investigation began when a data scientist found that users, including those under the age of 18, switched to business accounts and displayed their contact details on their profiles after Instagram began disabling the feature from personal accounts in some countries to help with mental health. Users reportedly did so to see measures of how many likes their posts received.
Instagram’s parent company, Meta, has disagreed with the calculation of the fine and intends to challenge it. Instagram also stated that the investigation focused on “old settings” that were updated more than a year ago, and the company has since added new privacy features for teenagers, such as automatically placing their accounts on private when they join.
The sources for this piece include an article in Reuters.
