The United States Company Instagram is being investigated by Ireland’s DPC (Data Protection Commissioner) over its handling of children’s personal data on the platform. The American company and social media app’s owner Facebook could face a large fine if Instagram is found to have broken European Union privacy laws. The investigations stem from complaints that Instagram made contact information on business accounts publicly visible to anyone accessing the app.
A number of United States tech giants have their European headquarters in Ireland, and the Data Protection Commissioner is the lead European Union regulator under the European Union General Data Protection Regulation (GDPR), which came into force in 2018.
The Data Protection Commissioner is responsible for protecting individuals’ right to online privacy and has the power to issue large fines.
The Irish regulator is investigating whether Facebook has a legal basis for processing children’s personal data and if it employs adequate protections and restrictions on Instagram for children.
Separately, it is also looking at whether Facebook has adhered to General Data Protection Regulation requirements in relation to Instagram’s profile and account settings. It is inquiring into whether Facebook is adequately protecting the data protection rights of children as vulnerable persons.
Previous year the month of February 2019, Data scientist expert David Stier analyzed profiles of almost 200,000 Instagram users across the world. He estimated that for over a year, at least 60 million users under the age of 18 were given the option to easily change their profiles into business accounts.
Instagram business accounts require users to display their phone numbers and email addresses publicly, it means that personal data belonging to many users is visible to other Instagram users. The same personal information was also contained in the HTML source code of the web pages accessed when using Instagram on a computer, meaning that it could be “scraped” by hackers.
Mr. Stier reported his findings to Facebook, but he wrote in a Medium blog that Instagram had refused to mask the email addresses and phone numbers for business accounts. However, Facebook did decide to remove the contact information from the source code of Instagram pages.
The minimum age for an open account on Instagram is 13 Years. The deputy commissioner with Data Protection Commissioner Mr. Graham Doyle said that – “Instagram is a social media platform which is used widely by children in Ireland and across Europe”.
The Data Protection Commissioner has been actively monitoring complaints received from individuals in this area and has identified potential concerns in relation to the processing of children’s personal data on Instagram which requires further examination.
Thank you for reading. We hope this gives you a brief understanding of the latest news. Are you interested read about other latest technology-related news? Explore our Technology News blogs for more.