Instagram Fined $402 mln for Mishandling Teens’ Data in Ireland

Ireland's data privacy regulator imposed a record fine of 405 million euros ($402 million) on Instagram following an investigation into its handling of children's data. Instagram plans to appeal against the fine.

The investigation started back in 2020 and focused on child users between the ages of 13 and 17 who were allowed to operate business accounts, which facilitated the publication of the user's phone number and/or email address.

Meta spokesperson announced that Instagram updated its settings over a year ago and has since released new features to keep teens safe and their information private.

This is the third and largest fine the Irish Data Protection Commission has imposed on Meta. Last year, WhatsApp was fined 225 million euros (about $267 million at the time), as the DPC investigation found that WhatsApp didn’t properly inform EU citizens about how it collected and used their data, particularly regarding how it shared that data back with Meta. WhatsApp was ordered to change its privacy policy, and said it planned to appeal.

There was also a much smaller fine of 17 million euros (about $18.6 million) that Meta was ordered to par after DPC accused it of low standards of security policy. The DPC also has dozens of other investigations underway against Big Tech companies, including several more involving Meta’s data practices.