Expert Comments

What Experts Say On EU Investigating Instagram Over Child Data Violations

Expert(s): Security Experts
Expert(s): Security Experts

Ireland’s Data Protection Commissioner is investigating Instagram over how the platform handles personal data of children. If the company has broken any privacy laws, Facebook, the parent company could be liable to pay a huge fine. Recently, reports highlighting Instagram’s inability to protect data gained traction online. According to the reports, Instagram allowed email addresses and phone numbers of minors, or those aged below 18, to become public.

Full story here: https://www.bbc.co.uk/news/business-54594825

Experts Comments

Dot Your Expert Comments
Jake Moore
October 20, 2020
Cybersecurity Specialist
ESET

Fines issued must always represent and match the magnitude of a data breach.
Fines issued must always represent and match the magnitude of a data breach, if organisations are going to learn from them. In the past, we have far too often seen minimal cash fines that do not equal the risk of compromising data ending up in the wrong hands. Investigations such as this reduce the threat to the people involved, along with their data – which, in turn, reduces knock-on cyberattacks. Social networks store masses of personal data, which must be treated with the respect it.....Read More
Fines issued must always represent and match the magnitude of a data breach, if organisations are going to learn from them. In the past, we have far too often seen minimal cash fines that do not equal the risk of compromising data ending up in the wrong hands. Investigations such as this reduce the threat to the people involved, along with their data – which, in turn, reduces knock-on cyberattacks. Social networks store masses of personal data, which must be treated with the respect it deserves. This is even more important when it comes to protecting children’s data, who make up a vast portion of Instagram’s users. Parents must try and curb the amount of private data their children post online, as many children do not understand the long term risks or how their data could be used in the wrong hands.  Read Less
David Kennefick
October 20, 2020
Product Architect
edgescan

Facebook and Instagram need to crack down on this and make it more difficult for people to expose their data.
The most important piece of information that will be taken into account here is the trade-off. Children were offered additional analytics on their posts, provided they shared their contact details. The corresponding side of the trade-off is the phone and email contact information becomes public, this public data has already been misused as we have seen from the breach in India from May 2019, so a question needs to be asked: should children have even been given the option to expose their.....Read More
The most important piece of information that will be taken into account here is the trade-off. Children were offered additional analytics on their posts, provided they shared their contact details. The corresponding side of the trade-off is the phone and email contact information becomes public, this public data has already been misused as we have seen from the breach in India from May 2019, so a question needs to be asked: should children have even been given the option to expose their details? In many cases, I’m sure they used correct business-specific contact channels, but naturally, the fear would be many did not. Facebook and Instagram need to crack down on this and make it more difficult for people to expose their data.  Read Less
Mark Bower
October 20, 2020
Senior Vice President
comforte AG

Vendors have the utmost responsibility for compliance and transparency.
For obvious reasons, children’s data collection and protection have very specific handling in many jurisdictions and called out in GDPR very specifically. While a data protection regulator is no substitute for parenting and education to ensure children begin to understand how their data is eventually used, vendors have the utmost responsibility for compliance and transparency. In GDPR Article 8, the consent requirements, age limitations, and responsibilities are very clear, especially around.....Read More
For obvious reasons, children’s data collection and protection have very specific handling in many jurisdictions and called out in GDPR very specifically. While a data protection regulator is no substitute for parenting and education to ensure children begin to understand how their data is eventually used, vendors have the utmost responsibility for compliance and transparency. In GDPR Article 8, the consent requirements, age limitations, and responsibilities are very clear, especially around consent. The fact that a data scientist has discovered trivial data exposure of what appears to be vulnerable minors in data collection applications is alarming if true. This is especially a concern given that it is also equally simple these days to de-identify, mask, or secure it and thus there are few excuses not to comply. In a world of attacks, data theft, and misuse, privacy and security has to be a first priority, especially the data of our next generation’s citizens.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

15 Schools Hit By Cyberattack In Nottinghamshire

Qualys Hit With Ransomware And Customer Invoices Leaked

Experts Reaction On PrismHR Hit By Ransomware Attack

Expert Insight On Ryuk’s Revenge: Infamous Ransomware Is Back And...

ObliqueRAT Trojan Lurks On Compromised Websites – Experts Comments

Microsoft Multiple 0-Day Attack – Tenable Comment

Experts Reaction On Malaysia Airlines 9 Years Old Data Breach

IoT Security In The Spotlight, As Research Highlights Alexa Security...

Oxfam Australia Confirms ‘Supporter’ Data Accessed In Cyber Attack

Expert Reaction On Solarwinds Blames Intern For Weak Passwords