The EU is investigating Instagram for allegedly exposing the contact data of up to 5 million underage users
EUis investigating whether children, the Telegraph reports.
- It follows a complaint from a US data scientist, who last year said that Instagram allowed underage users to publicly display their phone numbers and email addresses by switching to "business" accounts.
- Ireland's Data Protection Commission, the official European data regulator for Instagram owner
- Under Europe's strict
data privacylaws, Instagram's parent company Facebook could face maximum fines equal to 4% of its annual revenue.
The EU is leading two active investigations into whether Instagram illegally exposed the personal details of millions of underage users, the Telegraph reported Monday.
The investigations are being carried out by Ireland's Data Protection Commission (
DPC Deputy Commissioner Graham Doyle told the Telegraph that the commission "has been actively monitoring complaints received from individuals in this area and has identified potential concerns in relation to the processing of children's personal data on Instagram which require further examination."In a statement sent to Business Insider, the DPC described the twin investigations into Facebook. The first will examining the legal framework Facebook uses to process children's data on Instagram.
"The DPC will set out to establish whether Facebook has a legal basis for the ongoing processing of children's personal data and if it employs adequate protections and or restrictions on the Instagram platform for such children," the Commission said in its statement.The second investigation will specifically delve into Instagram's "profile and account settings," and whether they're appropriately set up to deal with child users. The Telegraph reports that under EU data protection regulations, each investigation could result in a maximum fine of 4% of Facebook's annual revenue. Facebook's annual turnover for 2019 was $70.7 billion, meaning a maximum 4% fine would equal $2.8 billion.
Instagram loophole discovered in 2019
Stier wrote in a Medium post in 2019 that he had found an Instagram loophole that allowed the personal data of underage users to be publicly exposed.
The loophole is linked to how Instagram allows users to switch between a regular account and a "business" account. To change over to having a business account, Instagram users must add either a phone number or an email address, which was then publicly accessible."Because there are seemingly no restrictions on who can change their personal profile to a business account, many kids have figured out that they can 'claim' to have a business so that they can add the contact buttons onto their own profile page," Stier wrote in 2019.
Instagram has since changed this process so business account holders have to opt-in to having their contact details publicly displayed.
"We've always been clear that when people choose to set up a business account on Instagram, the contact information they shared would be publicly displayed. That's very different to exposing people's information," an Instagram spokesperson told Business Insider."We're in close contact with the IDPC and we're cooperating with their inquiries," they added.
"However, Instagram continues to place children in harm's way and they have only made minor adjustments that affect new users and I have evidence that they've done nothing to anonymize the personal contact data for millions of kids who set up fake business accounts," he added.
- 1.28 lakh people over 60 years get 1st dose of COVID vaccine on first day
- Chinese hackers target Indian vaccine makers SII and Bharat Biotech: Report
- GST revenue up 7% year-on-year in February to over ₹1.13 lakh crore
- Here is the list of common side-effects of COVID-19, so that you don't panic if you get these
- These are the top 10 likely IPOs scheduled in March 2021