A hefty fine of €405 million has been slammed on Instagram by the European Union privacy regulators. The fine is for a breach of the EU’s General Data Protection Regulation [GDPR]. This followed a complaint related to how the Meta-owned company handles data related to children.
The final verdict reached by the EU on Instagram’s breach of the GDPR was sent to Meta last Friday according to TechCrunch. However, the report of the fine seems to have preceded the publication on the websites of the company’s lead data supervisor in the EU, Ireland’s Data Protection Commission [DPC], and the European Data Protection Board (EDPB).
Ireland’s DPC confirmed the level of fine to TechCrunch. Deputy commissioner, Graham Doyle said: “We adopted our final decision last Friday and it does contain a fine of €405 million. Full details of the decision will publish next week.”
The €405 million is the largest GDPR fine Instagram has been slammed with since its inception. In 2021, another of Meta’s platform WhatsApp was fined $267M for violation of the GDPR’s transparency principle.
The complaint brought against Instagram centered on how it processes children’s data for business accounts and on a user registration system it operated, which the DPC found could lead to accounts of child users being set to “public” by default, unless the user changed the settings of his account to “private.”
In March, Meta was fined was fined by the Irish Data Protection Commission. Meta is to pay a fine of €17m or about $18.6 million following an inquiry by the commission into a “series of 12 data breach notifications it received in the six-month period between 7 June 2018 and 4 December 2018.”
The purpose of the inquiry was to examine to which extent all Meta Platforms complied with GDPR’S requirements, in relation to how it processed personal data relevant to the 12 breach notifications.
The commission according to RTE, found that Meta failed to provide appropriate technical and organizational measures that would allow it to immediately demonstrate the security measures it implemented in practice to protect the data of EU users.
In 2021, Facebook was slammed with a $6.1 million fine by the South Korean Personal Information Protection Commission [PIPC]. Facebook was asked to pay the fine for sharing user information without consent.
