Instagram is being investigated regarding alleged illegal processing of children’s data, by the Irish privacy watchdog which is the EU’s lead authority on Facebook.
The Data Protection Commissioner (DPC) is investigating whether Instagram’s parent company Facebook was illegally processing the data of children who chose to switch from personal accounts to business accounts, thus publishing their contact details.
Until last year Instagram required business accounts to make their contact information public. Facebook says it made it clear to those accounts that this information would be public, although it is now optional for business accounts on Instagram whether they share any contact details.
“The DPC has been actively monitoring complaints received from individuals in this area and has identified potential concerns in relation to the processing of children’s personal data on Instagram which require further examination,” it said in a statement.
If the social media company is found to have violated European privacy regulations then it could face a fine of up to 4% of its global turnover, although a fine of that scale has never been issued.
Back in 2019, data scientist David Stier found that millions of personal accounts on Instagram which had been switched to business accounts were publicising their contact details.
Mr Stier reported to Facebook his discovery that accounts apparently belonging to minors were showing the children’s phone numbers and their email addresses.
Facebook does not dispute that some minors’ contact information was shown.
“Speaking as a parent, I want to be assured that the experience Instagram offers to teens is as ‘adult-overseen’ as possible,” he added.
The Irish DPC said its investigation “will also consider whether Facebook meets its obligations as a data controller with regard to transparency requirements in its provision of Instagram to children”.
A spokesperson for Instagram told Sky News: “We’ve always been clear that when people choose to set up a business account on Instagram, the contact information they shared would be publicly displayed.
“That’s very different to exposing people’s information,” they stressed.
“We’ve also made several updates to business accounts since the time of Mr Stier’s mischaracterisation in 2019, and people can now opt out of including their contact information entirely.
“We’re in close contact with the IDPC and we’re cooperating with their inquiries,” they added.
The complaint also follows Facebook admitting that the coronavirus pandemic meant images of child nudity and sexual exploitation have been spreading on its platforms.
The tech giant said moderation levels dropped when content moderators were sent to work from home in March during the height of the COVID-19 outbreak.
Originally published at sky