Ireland interpretations of GDPR criticized again in Instagram case

Instagram icon

In fining Instagram a record 405 million euros (U.S. $405 million) earlier this month for General Data Protection Regulation (GDPR) violations regarding the safeguarding of teenage users’ data, the Irish Data Protection Commission (Irish DPC) took some heat of its own.

The regulator began its investigation in 2020 into the way users between the ages of 13 and 17 could open “business accounts” on the social media platform, which led to their phone numbers and/or email addresses being published widely in certain cases, and why child users’ accounts had a default “public” rather than “private” setting.

Judging from the European Data Protection Board’s (EDPB) binding decision, released Sept. 15, deliberations during the cross-border case were far from smooth.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.