Instagram slapped with a €405 million penalty for breaching EU's GDPR
The European Union privacy regulators have fined Instagram with a €405 million penalty for a breach of the EU's General Data Protection Regulation (GDPR). The decision came on a long-running complaint related to how the social media platform handles children's data.
This Instagram penalty is the largest GDPR penalty the social media giant has been hit with to-date following a $267 million penalty levied upon the Meta-owned messaging platform WhatsApp last September for violations of the GDPR's transparency principle.
The complaint was registered with respect to the platform's processing of Children's data for business accounts and on a user registration system which was found to lead to the coots of child users being set to "public" by default, unless the user changed the account settings to set it to "private.
The GDPR contains strong measures requiring privacy by design and default generally — as well provisions aimed at enhancing the protection of children's information specifically and ensuring that services targeting kids are living up to transparency and accountability principles (such as by providing suitably clear communications that children can understand).