LONDON – Ireland’s data protection agency is investigating Instagram following concerns about how the image-sharing social platform handles children’s personal data, according to media reports.
The Data Protection Commission (DPC) received complaints that the US firm – owned by Facebook – allowed the phone numbers and email addresses of users under 18 to remain public, reported British newspaper Daily Telegraph yesterday.
Following the complaints, DPC, which is the European Union’s main data privacy regulator, reportedly launched two separate inquiries last month.
Neither Facebook nor DPC immediately responded to AFP’s request for comment.
Data scientist David Stier found that when Instagram accounts switched from the personal to the business setting, users’ email addresses and phone numbers became public, said Daily Telegraph.
Business profiles allow users to see how many people are viewing their profiles and images.
Anyone can set up such an account, with the platform currently not requiring proof the person is actually running a company.
Until recently, Instagram also required all business users to publicly list a phone number or email address.
Instagram’s minimum age for an account is 13.
According to media reports, DPC investigations will firstly examine whether the app has the necessary safeguards to securely process users’ data, particularly with regard to child users.
DPC will also look at whether Instagram is following the Irish regulator’s data protection rules over its profile and account settings. – AFP, October 19, 2020