top of page

Data Protection Commission fine Instagram €405 million for breaching the data rights of children

Taken from

The Irish Data Protection Commission (DPC) says that it has fined Instagram €405m for breaching the privacy rights of children.

It’s the DPC’s biggest fine so far, and the second substantial fine imposed on Meta, after a €225m fine imposed on Whatsapp last year. A €17m fine on Facebook was also imposed by the Irish regulator more recently.

“We adopted our final decision last Friday and it does contain a fine of €405 million,” said a DPC spokesperson. “Full details of the decision will be published next week.”

The €405m fine is the result of a consultation process with other European data regulators. A spokesperson described the Irish DPC decision as “significant” as it is the first to deal with children’s private information.

“This Inquiry was commenced on 21 September 2020 on foot of information provided to the DPC by a third party, and in connection with processing identified by the DPC itself,” the spokesperson said.

The scope of inquiry focused on Facebook allowing child users between the ages of 13 and 17 to operate ‘business accounts’ on the Instagram platform.

"At certain times, the operation of such accounts required and facilitated the publication, to the world-at-large, the child user’s phone number and/or email address,” said the spokesperson.

At other times, Facebook operated a user registration system for the Instagram service whereby the accounts of child users were set to ‘public’ by default, thereby making public the social media content of child users, unless the account was otherwise set to ‘private’ by changing the account privacy settings.

Meta has not yet commented on the fine.


12 views0 comments


bottom of page