Ireland’s Data Protection Commission (DPC), key data privacy regulator in the EU has started two inquiries on Facebook Inc after issues regarding the company’s handling of children's personal data on Instagram were raised.

Graham Doyle, Deputy Commissioner, affirmed that DPC received complaints from people and recognized potential concerns related to the processing of children’s personal information on Instagram. The inquiries were launched last month.

A source that reported the first inquiry, stated that Instagram made the phone number and email addresses of users under the age of 18 public. It further added that the Irish regulator started its investigation after a complaint by a U.S. data scientist, David Stier.

The children above the age of 13 are eligible to have an Instagram account. According to the estimation of Stier, a minimum of 60 million users below the age of 18 are given the option to change their profiles to business accounts. As the users with the business accounts need to publicly display their contact details like the email address and the phone number, the hackers can scrape this information easily.

The first inquiry will find out if the social media giant has a legal basis to process the data and if it has imposed adequate protections or restrictions on Instagram.

The second inquiry will focus on the profile and account settings of Instagram and will evaluate if Facebook is adhering to the data protection requirements of the regulator.

Doyle further added that the inquiry will also consider if Facebook, as a data controller, meets its obligations regarding transparency requirements in its facility of Instagram to children

Ireland hosts the European headquarters of numerous U.S. technology firms, which makes DPC the lead regulator of the EU under the One-Stop-Shop regime of the bloc’s General Data Protection Regulation that was introduced in 2018.

As per the new rules, the regulators can inflict fines up to 4% of a business’s global revenue or 20 million Euros, whichever is higher.

Source: https://www.reuters.com/article/europe-privacy-facebook/irish-regulator-probes-facebooks-handling-of-childrens-data-on-instagram-idUSL4N2H90NT