Meta’s Instagram fined $400 million by Irish regulators for violating children’s privacy; raising serious concerns about the ethical standard of big tech companies

Late last month, Facebook’s parent company Meta Platforms agreed to pay $37.5 million for violating users’ privacy and tracking their movements through smartphones without their permission. Lawyers for the plaintiffs said that Facebook violated California law and its own privacy policy by gathering data from users who turned off Location Services on their mobile devices.

Fast forward two weeks later Meta is now in legal trouble again. On Monday, the Irish Data Protection Commission fined Meta-owned social media platform Instagram $400 million (€405 million) for violations of the General Data Protection Regulation (GDPR) regarding children’s data privacy and publication of children’s email addresses and phone numbers.

The fine, which is the second-highest fine under the GDPR after a €746 million penalty against Amazon, is the third for a Meta-owned company after a €225 million fine for WhatsApp and a €17 million fine for Facebook.

In a statement, a Meta spokesperson said: “This inquiry focused on old settings that we updated over a year ago, and we’ve since released many new features to help keep teens safe and their information private.”

The spokesperson also added: “Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them. We engaged fully with the DPC throughout their inquiry, and we’re carefully reviewing their final decision.”

Commenting on the penalty levied against Meta, a data privacy expert on the subject and CEO of Empathy.co Angel Maldonado discussed how this impacts privacy standards amongst big-tech companies. He said:

“Instagram’s GDPR violation around children’s data privacy, raises serious concerns around the ethical standard that big tech companies adhere to – will Meta only recognize the fragile tradeoff between privacy and personalization through overwhelming scrutiny?”

He also added: “It’s time to wake up and name these business models for what they are: abusive, obscene, and wrong. Revealing children’s email addresses and phone numbers may be the tip of the iceberg, but what are the implications for other serious issues such as misinformation, lack of transparency, threats to geopolitics, war and downgraded moral values? Big tech companies like Meta might not intend on these knock-on effects but violations like this cement exactly why consumers don’t feel safe online, whether on social media or e-commerce sites.”

Meanwhile, Meta’s Instagram is not alone. Instagram’s rival TikTok was fined €750,000 ($745,000) in April of last year by The Dutch Data Protection Authority for violating the privacy of young children following a wide-scale investigation launched a year earlier.