Instagram investigated over handling of kids' data
Irish privacy regulators have opened two more probes into Facebook. Yahoo Finance’s Alexis Christoforous, Brian Sozzi, and Dan Howley discuss the details.
Video Transcript
BRIAN SOZZI: And another investigation into Facebook– Irish privacy regulators have opened two more probes into the company focused on how Instagram deals with children’s data. Yahoo Finance Tech Editor Dan Howley is here with the details. Dan, what sparked this one?
DAN HOWLEY: Yeah, this is the Irish Data Protection Commission. It’s part of the GDPR action from the European Union. And essentially what’s going on here is US data scientists had looked into accounts from Instagram. It kind of looked at 200,000 accounts here and found that as many as 60 million potentially children’s accounts, people under 18, had been given the opportunity to transfer those accounts into business-type accounts for Instagram. And as a result, they would then have their phone numbers and their email displayed publicly for the world to see.
Now the problem with that is obviously if you’re under 18, you’re not supposed to have that kind of data available in the EU, and so now they’re investigating how this happened, why it happened, and what’s going on here, as well as how many people it could have affected. Again, this is a data scientist’s estimate on the number, that 60 million. But, you know, this is something that’s been going on in the EU for some time, meaning investigations into these tech giants– Facebook, Google, Apple, Amazon– they’ve all kind of faced scrutiny from the EU. And this is kind of just another example of the bloc going and looking into potential issues with these tech giants.
ALEXIS CHRISTOFOROUS: But, Dan, can you get more specific? Like, what exactly will both those investigations be looking into?
DAN HOWLEY: Yeah, it’s going to be looking into whether or not they had given the access to these kids’ accounts. Basically the understanding is that because it was publicly available on Instagram, it was put into the HTML code for these sites. And so that information could then be easily scraped up by bots online and then used to potentially target these users, some 18 and under, so 17, 16, 15. You have to be 13 to have an Instagram account and then have that information collected.
So it appears to be kind of an issue where, look, we’re not– you’re not allowed to have this kind of information available. You’re not allowed to make it available. So it really does seem like a major issue. And here in the US, we have similar protections, and if the same thing is found here then it could be an even greater issue for Facebook.
BRIAN SOZZI: Dan, what’s the potential outcome here, just the fine and they keep it moving?
DAN HOWLEY: It could be a major fine, especially if it’s against the GDPR. That’s one of the strictest data-protection policies in the world short of California’s own protection policy, but that’s not a national law for us. But it could mean a ton of money coming out of Facebook’s coffers, depending on the violation and how long it went on for and the size of it. So, you know, GDPR– the punitive measures for that– was specifically put in place to really make sure that these tech giants have, you know, kind of an understanding that the EU is not messing around when it comes to data. And so this is just an example of them saying, look, we’re going to flex our muscle, and if there is an issue here, we’re going to investigate it, and you’re going to have to pay up.
BRIAN SOZZI: All right. Dan Howley, thanks so much.