A recent investigation conducted by Surfshark has brought to light significant breaches of the European Union General Data Protection Regulation (GDPR) by some of the most widely used social media platforms. Notably, Meta’s major apps, TikTok, and X (formerly Twitter) have collectively faced fines exceeding €2.9 billion over the past five years.
This revelation stems from the GDPR Enforcement Tracker, which outlines the regulatory actions taken against various platforms for data protection violations. Astonishingly, a substantial portion of the fines, amounting to over €765 million, was attributed to the mishandling of children’s data.
Unsurprisingly, Meta-owned social media products, including Facebook, Instagram, and WhatsApp, feature prominently in this regulatory landscape, accruing fines totaling €2.6 billion. The staggering figure underscores the dominance of Meta in the realm of social media platforms, as these apps alone account for a staggering 86% of the total fines imposed.
Breaking down the fines further, Facebook incurred the largest penalty at €1.7 billion, followed by Instagram with a fine of €585 million. TikTok, another Meta entity, received the third-highest fine at €360 million, while WhatsApp and X (formerly Twitter) faced fines of €231 million and €450k, respectively, with the latter being the sole penalty levied in late 2020.
Interestingly, the GDPR Enforcement Tracker reveals that several other social media platforms have not incurred fines thus far. These platforms include YouTube, Snapchat, Pinterest, Reddit, and LinkedIn, signifying a divergence in their data protection practices compared to their fined counterparts.
Agneska Sablovskaja, the Lead Researcher at Surfshark, emphasized the significance of holding major social media players accountable for their data handling practices. Sablovskaja highlighted that half of the most popular social media platforms examined had received GDPR fines, with one-third of these fines linked to privacy concerns related to children. This underscores the urgency of ensuring that the privacy and safety of all users, especially children, are prioritized and safeguarded.
The fines were attributed to various violations, including unclear privacy policies, defaulting to public account settings, and neglecting to enforce age restrictions. These issues underscore the paramount importance of safeguarding children’s online privacy and maintaining transparent data protection practices.
Meanwhile, the Nigeria Data Protection Commission (NDPC) is conducting its investigation into Meta for potential data breaches within the country. The complaints against Meta in Nigeria focus on behavioral advertising without explicit consent from data subjects. The NDPC revealed that approximately 40 million Facebook accounts in Nigeria may have been impacted by the data processing under scrutiny, with significant implications for Nigeria’s digital economy.
If found guilty, Meta could face severe consequences, including forfeiting 2% of its gross revenue to the NDPC as a penalty, as stipulated by the Data Protection Act. This ongoing investigation underscores the global nature of data protection concerns and the need for comprehensive regulatory measures to ensure the responsible handling of user data by major tech entities.
Support InfoStride News' Credible Journalism: Only credible journalism can guarantee a fair, accountable and transparent society, including democracy and government. It involves a lot of efforts and money. We need your support. Click here to Donate