• by Colin Kirkland , Staff Writer, September 7, 2022

On Monday, Irish regulators levied Instagram with a $400 million fine after accusing the social media giant of mishandling the personal information of teenagers. It is the second largest fine issued under the EU’s four-year-old data privacy law, the General Data Protection Regulation (GDPR).

The Irish watchdog is the lead regulator for many U.S. tech companies with European headquarters in Dublin. Its investigation focused on the way in which Instagram displays personal details of users between ages 13 and 17, including email addresses and phone numbers. 

The investigation launched only after a data scientist found that underage users were switching to business accounts – which display contact information on users’ profiles – to see how many likes their posts were getting after the company removed the feature from personal accounts in some countries to help users’ mental health. 

Andy Burrows, child safety online policy head of the U.K.’s National Society for the Prevention of Cruelty to Children (NSPCC), told BBC News that “this was a major breach that had significant safeguarding implications and the potential to cause real harm to children using Instagram.”

“It’s now over to the new prime minister to keep the promise to give children the strongest possible protections by delivering the Online Safety Bill in full and without delay,” Burrows added.

Meta, Instagram’s parent company, disagreed strongly with the fine and intends to appeal it, arguing the inquiry focused on “old settings” that were updated more than a year ago. 

“We’ve since released many new features to help keep teens safe and their information private,” Meta execs told the BBC.

“Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them,” the company said in an emailed statement.

Overall, Meta’s various companies have been fined and sued so many times at this point, it’s hard to keep track. 

Irish regulators recently fined Meta 225 million euros for violations related to WhatsApp, the company’s messaging service.

In March, authorities fined Meta 17 million euros over a data breach. 

Toward the end of August, Facebook settled two lawsuits in the U.S., both having to do with violations of data privacy. One surrounded the company’s collection of users’ IP addresses, which exposed physical locations, and the other had to do with its involvement in the infamous Cambridge Analytica data grab. 

Additionally, during the first week of June, nine lawsuits were filed against Meta for its platforms being designed in strategic ways so as to addict and harm younger users. 

And let’s not forget about the leaked Facebook Papers.

The list actually goes on and on. 

Isn’t it finally time to step back and ask why we still trust these predatory platforms enough to continue using them?