Instagram has been fined €405 million for insufficiently protecting the data of minors, Ireland’s Data Protection Commission (DPC), which works as a watchdog for the European Commission in such a matters, announced on Monday.
A representative of the Irish Data Protection Commission (DPC) said, “We made our final decision last Friday, which consists of a fine of €405 million. Details will be released by next week.”
This is the toughest decision imposed by this authority since 2018, when the General Data Protection Regulation (GDPR) gave regulators more powers to protect consumers from the domination of Facebook, Google, Apple and Twitter.
The Instagram social network is part of the Meta group, which is also the parent company of Facebook. The DPC oversees Facebook on behalf of the EU, as the company has its regional headquarters in Ireland.
The regulator had opened an investigation at the end of 2020 to determine whether the application had put in place the required safeguards to protect user data, especially if the users were minors.
The users must be at least 13 years old to open an account on Instagram. The DPC was particularly concerned that users under the age of 18 could transition too easily to a professional account.
This type of account requires users to make their contact details public, meaning they are visible to everyone on the social network.
The regulator charged that, by default, the content of the accounts of minors was open to all users at certain times and was not limited to approved subscribers only.
