Another headline worth fine under GDPR £349M

GDPR Fine for Instagram, USA, Instagram, another company owned by Meta (same company that owns Facebook and WhatsApp) has been given notice of a £349 million fine for improper use of children’s personal data; it was actually €405 million Euros as it was imposed by the Irish GDPR regulator against Meta’s EU head office in Ireland.

Meta have obviously appealed the fine and we’ll have to wait to see how it pans out, diplomacy and politics will now play their part, but it’s interesting because this is the second fine in recent history to be aimed by the DPC (Irish Data Protection Commission) at this organisation. WhatsApp was hit with a €225m fine roughly this time last year for ‘Insufficient fulfilment of information obligations’ which (without reviewing the actual case file) says to me they weren’t providing enough detail on exactly what they were intending to do with your personal data after they got it…

Meta appeal £349M GDPR Fine

I find all this especially interesting as we at Ametros Group were approached recently by a US based company who, whilst concerned about GDPR and their EU/UK data handling, asked us if we could help them with their approach to the Children’s Online Privacy Protection Rule (COPPA).

COPPA is a US Federal Trade Commission act that imposes requirements for online services directed at children.

Any improper use of personal data, or failure to protect personal data, is a potential ‘black eye’ for an organisation should it come to the attention of the regulators, but mishandling children’s information will always carry a more serious penalty. The best defence is preparation; understanding what your organisation does with personal data and how it does it, then comparing that to a how regulators would expect you to mange your operations in contrast to the principles of the GDPR.

This doesn’t need to be difficult, costly, or even time consuming.

Do you need help with GDPR?

Remember that the GDPR wasn’t created to make it more difficult for you to run you business, or to be profitable, no one wants to make things harder than they have to be; you just need to make the right decisions for your business.

We represent and support hundreds of organisations as their independent external Data Protection Officer, and we’ll always happy to take on new clients.

About Ametros Group

Ametros Group is a multi-award winning data privacy outsourcing provider. The company helps organisations to comply with various data privacy laws including EU GDPR and the UK Data Protection Act 2018 through consultancy, compliance framework implementation, auditing, Data Protection Officer outsourcing and EU/UK Representative services. Established in 2015, our multi-award winning team of data privacy experts have worked with FTSE100, Fortune500 and SMEs to deliver data protection excellence around the globe.

Press Contact

Ametros Group

press@ametrosgroup.com