Ireland's Privacy Regulator Is Investigating Instagram

Facebook could face a huge privacy fine after the chief European Union (EU)  data watchdog, the Irish Data Protection Commission (DPC), launched a review into how Instagram has exposed the contact details of millions of children. 

The DPC,which is the main data privacy regulator in the EU, has received complaints from individuals and has identified “potential concerns” in relation to the processing of children’s personal data on Instagram.  

The inquiry will also consider whether Facebook has the legal basis to process the data and whether it employs adequate protections and/or restrictions on Instagram.

The purpose of the inquiry is to consider whether Facebook meets its obligations as a data controller with regard to transparency requirements in its provision of Instagram to children.

Instagram’s profile and account settings will be the focus of  a second inquiry, examining whether the social media company is adhering to the regulator’s data protection requirements.

Ireland hosts the European headquarters of a number of US technology firms, making the DPC the EU’s lead regulator under the bloc’s General Data Protection Regulation (GDPR)  regime introduced in 2018. The new rules give regulators the power to impose fines for violations of up to 4 per cent of a company’s global revenue or €20 million, whichever is higher.

All Instagram users can change their personal Instagram accounts to ones designed for businesses, which unlike personal profiles, gives them statistics such as how popular their photos and videos were. But, a business account also means that the user’s personal contact details are publicly displayed on their profile, allowing anybody to contact the children outside of the app.

Until recently, Instagram required all business accounts to show a phone number or email address, so users could not opt out of having their public information displayed. It still allows anybody to set up a business account, with no verification to check if they are actually running a business.

Data Protection Commission:     Irish Times:         Reuters:       Telegraph:       Benzinga

You Might Also Read:

Fact-Checking Comes To Instagram:

Tech Giants Have Facilitated An Online Slavery Market:

 

« Malware Versus Ransomware: What’s the Difference?
Cyber Professionals Fear Being Replaced By AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Blue Ridge Networks

Blue Ridge Networks

Blue Ridge offers a suite of solutions that enable secure remote access to the enterprise network with protection and control of endpoints.

Komodo Consulting

Komodo Consulting

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

BlackBerry Security Services

BlackBerry Security Services

Blackberry provides intelligent security software and services to enterprises and governments around the world.

Cyber Affairs

Cyber Affairs

Cyber Affairs is the first Italian press agency entirely dedicated to cyber security.

SysTools

SysTools

SysTools provides a range of services including data recovery, digital forensics, and cloud backup solutions.

Nexus Group

Nexus Group

Nexus Group develops identity solutions for physical and digital access.

ThreatQuotient

ThreatQuotient

ThreatQuotient delivers an open and extensible threat intelligence platform to provide defenders the context, customization and collaboration needed for increased security effectiveness.

Cynterra

Cynterra

Cynterra is a next generation cloud cyber security and data analytical service provider offering cloud security compliance, data protection, visibility and threat protection services.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

NewAE Technology

NewAE Technology

NewAE Technology is revolutionizing the hardware security market by making every engineer and designer aware of side-channel power analysis and glitching as important attack vectors.

Magna5

Magna5

Magna5 is a managed IT service provider focusing in network and server monitoring, backup and disaster recovery, cybersecurity, help desk and SD-WAN.

Riskonnect

Riskonnect

Riskonnect technology empowers organizations with the ability to anticipate, manage, and respond in real-time to strategic, operational, and digital risks across the extended enterprise.

BluTinuity

BluTinuity

BluTinuity is a premier management consulting firm with a passion for information security, business continuity, incident response, disaster recovery, and HIPAA security.

Smarsh

Smarsh

Smarsh products are designed for user-friendly, efficient compliance. From archiving, supervision, and discovery to cybersecurity – Smarsh has you covered.

The Hacking Games

The Hacking Games

The Hacking Games' Mission is to inspire, educate and mobilise a generation of ethical hackers to make the world a safer place.