Although disconnected from the EU, we thought it relevant to mention that the Ireland’s Data protection Commission has fined Instagram €405 million.
The fine is the second -largest GDPR penalty and it relates to alleged violations of EU GDPR relating to the default settings on Instagram for children aged 13-17, that exposed email addresses and phone numbers linked to child-operated accounts.
The investigation began in October 2020 and the initial decision was subject to a dispute resolution procedure.
Meta, who own Instagram, are reviewing the decision but make the point that this relates to old settings that were updated more than 12 months ago, which by our reckoning is after the investigation began.
You can read a fuller report on the Politico website using the link https://www.politico.eu/article/instagram-fined-e405m-for-violating-kids-privacy/