By Naveen Athrappully September 6, 2022 Updated: September 6, 2022
Meta-owned Instagram has been fined 405 million euros ($403 million) by the Irish Data Protection Commission after it was found that the platform violated European privacy law General Data Protection Regulation (GDPR).
In 2020, the Irish Data Protection Commission kicked off an investigation into Instagram because the platform made accounts of children between the ages of 13 and 17 public by default. Instagram allowed children to set up business accounts on the platform, making their phone numbers and email addresses public.
A spokesperson for the commission confirmed to Reuters that its final decision imposed a fine of 405 million euros on the Meta-owned platform. More details on the matter will only be published next week.
This is the second-highest fine imposed under the GDPR rules after Amazon was fined a record 746 million euros ($743 million) by Luxembourg’s data protection authority in July last year.
This is the third fine charged by the Irish regulator on a Meta-owned company. In September 2021, WhatsApp was fined 225 million euros ($224 million). In March this year, Facebook was fined 17 million euros ($17 million). At present, the Irish Data Protection Commission has at least six more investigations related to Meta-owned firms.
Ireland is at the focal point of multiple legal battles tied to Meta’s data collection practices. As the firm has its European headquarters in the country, Ireland has the responsibility to ensure the platform’s compliance with GDPR rules.
Policymakers in Europe adopted more rules to protect children online this year. For instance, the Digital Services Act prohibits firms from using data to target personalized advertisements to individuals below the age of 18.
Meta Response, US Laws
In a statement, a Meta spokesperson said that the 405 million euro fine is related to an inquiry that focused on old settings on Instagram, according to Politico.
The company updated these settings more than a year ago and has since released several features to protect the information of teenagers, the spokesperson insisted.
“Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them.”
“We engaged fully with the DPC [the Irish regulator] throughout their inquiry, and we’re carefully reviewing their final decision,” the spokesperson said.
In addition to Ireland, several nations, including the United States, are ramping up efforts to protect children online. On Aug. 30, the California Legislature passed A.B. 2273—the California Age-Appropriate Design Code Act—which is expected to go into effect in July 2024 once signed by the state governor.
The bill, co-sponsored by California state Sen. Jordan Cunningham, a Republican, forces online services to limit the risks that some popular features pose to children, like allowing strangers to message one another.
Naveen Athrappully is a news reporter covering business and world events at The Epoch Times.