Instagram is under probe by Ireland’s Data protection Commissioner over handling of children’s personal data on its platform.
Instagram could come under fire if found guilty for failing to protect the data of minors. Reports show that the platform allowed email addresses and phone numbers of minors to be publicised.
Parent company, Facebook refuted the claim but said it was cooperating with the Data Protection Commission (DPC). The DPC came into force in 2018 as the lead EU regulator under the European Union General Data Protection Regulation. The body is saddled with the responsibility to protect individuals’ right to online privacy and has to charge huge fines to any erring organisation or platform.
The Irish regulator is investigating whether the social media giant employed enough protections and restrictions for underaged users on Instagram. It wants to also establish if Facebook had adhered with GDPR requirements in relation to account settings. According to the Irish Data Protection Act, the law sets the age of consent of children in relation to information society services at 13 years.
Parents in Ireland have a reason to be worried because the internet is not a safe haven.
“The DPC has been actively monitoring complaints received from individuals in this area and has identified potential concerns in relation to the processing of children’s personal data on Instagram which require further examination.”
A complaint from David Stier, a US based data-scientist analysed profiles of almost 200,000 Instagram users globally. He alleged that at least 60 million users below the age of 18 could easily switch their profiles into business accounts. With a business account, the user is required to publicly display their phone numbers and email addresses. The same personal information could easily be scrapped by hackers as they were also contained in the HTML source code of web pages.
Mr. Stiers reported his findings to Facebook but complained that Instagram had refused to mask the contact details for business accounts.
One would wonder if this were possible seeing that business owners display such information for easy access from customers who might want to reach them. A spokeswoman from Facebook in defence says that the complainant clearly misunderstands how the platform works.
“We’ve always been clear that when people choose to set up a business account on Instagram, the contact information they shared would be publicly displayed. That’s very different to exposing people’s information. We’ve also made several updates to business accounts since the time of Mr.Stiers mischaracterisation in 2019, and the people can now opt out of including their contact information entirely.”
Mr. Stiers is genuinely worried because he is a parent whose children could have displayed their information on the platform, making them easy targets to paedophiles. Instagram on the other hand is out there as a business to maximise profit and find means to increase the number of subscribers. In whose place would it be to protect the children from such danger zone? A thirteen-year-old is obviously not mature enough to take decisions on their own.
“Do we have a responsibility to keep kids’ phone numbers and emails hidden so that strangers can’t find them just by clicking a button?” said Mr. David