Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
Instagram is being investigated by Ireland’s Data Protection Commissioner (DPC) following alleged concerns over how they may handle children’s data.
The DPC is investigating whether Instagram (owned by Facebook) has employed adequate protections and restrictions for children on the app, and are looking into how they process children’s personal data.
Instagram has reportedly taken preventative steps to desist the exposing of children’s data. However, Instagram/Facebook could have still allegedly broken the GDPR because of the potential for under-18’s phone numbers and email addresses being displayed publicly online, it has been alleged.
The investigation comes after US data scientist, David Stier, reportedly complained about Instagram’s alleged handling of personal data, following his own investigation. Stier is understood to have analysed 200,000 Instagram profiles from around the world and estimated that, for at least a year, 60 million users under the age of 18 could easily change their profiles to business accounts.
When choosing the option to change your Instagram profile into a business profile, the platform appears to allow personal information to be easily accessed. To create a business profile, it is understood that you must display your email address and telephone number to the public. This is understood to mean that a child’s personal information could, in theory, be displayed freely to other Instagram users. The same information is also said to have been displayed in the HTML code of Instagram profiles when accessed on a desktop rather than the app.
A spokeswoman for Facebook defended the accusations, saying: ‘We’ve always been clear that when people choose to set up a business account on Instagram, the contact information they shared would be publicly displayed. That’s very different to exposing people’s information.’
Following the accusations, Instagram is understood to have made updates to business accounts that mean no personal information needs to be displayed at all.
The General Data Protection Regulations (GDPR) state that, when handling children’s data, companies should:
The GDPR also states explicitly that specific protection is required where children’s personal data is used for marketing purposes or for creating personality or user profiles.
This highlights the issue of any platform potentially allowing children’s data to be displayed publicly. Email addresses and telephone numbers of under 18’s is personal information that should be protected by the applicable platform.
Your Lawyers – T/A The Data Leak Lawyers – is a specialist data breach law firm that has recovered millions of pounds for thousands of claimants across multiple case types and actions. We have lots of experience fighting for justice for victims of data breaches, hacks and leaks, and we could help you too.
If you have been a victim of any data breach, do not hesitate to get in touch with our team today. Our lawyers can offer No Win, No Fee representation for eligible claimants meaning that, if you don’t win your claim, we can waive our legal fees, subject to the terms and conditions of the agreement.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020