Instagram hit with record GDPR fine

Meta Platforms Inc., was fined 405 million euro, the largest GDPR fine to have ever been received by the company and the second largest fine ever issued by the Irish Data Protection Authority.
The Autority’s investigation revealed that Instagram was disclosing email addresses and/or phone numbers belonging to children using the Instagram business account feature and a public-by-default setting for personal Instagram accounts of children.
Regarding this, it was decided that the publication of children’s information remained unnecessary or, if considered necessary, did not pursue a legitimate enough interest. Therefore, it was concluded that Meta was collecting and processing children’s data without a legal basis received a fine accordingly.
The EDPB therefore concluded that Meta IE processed children’s personal data unlawfully without a legal basis. The practice has since ended as a consequence of the inquiry.
Written by: Briana Huști