Meta, TikTok, and X (formerly Twitter) have collectively been fined over $3 billion, with almost a third of the fines prompted by the mishandling of children’s data.
The General Data Protection Regulation (GDPR), an EU privacy regulation, has been a major headache for social media platforms.
According to recent research by Surfshark, the EU penalized five of the top ten most popular social media platforms with fines worth $3.1 billion – all of it for GDPR breaches.
Three of the top five most-fined platforms, Facebook ($1.8 billion), Instagram ($624 million), and WhatsApp ($246 million), are owned by Mark Zuckerberg’s Meta. TikTok received GDPR fines worth $384 million, while Elon Musk‘s X just $480,000.
Interestingly, a third of the fines were issued over the platforms’ mishandling of children’s data. These cases include problems with unclear privacy policies, default public accounts, and enforcing age restrictions.
Three such fines were given to TikTok ($384 million) and one to Instagram ($432 million).
“Such penalties demonstrate the imperative to hold major social media players accountable for their data handling practices, ensuring that the privacy and safety of all users, especially children, is given the utmost consideration and care,” Agneska Sablovskaja, Lead Researcher at Surfshark, said.
Researchers claim that the first fine over the mishandling of children’s data was issued back in 2021 when the China-owned TikTok was penalized for failing to have an understandable privacy policy in Dutch.
TikTok also failed to enforce its own policy prohibiting children under 13 from using the platform and allowing adults to register as parents of child TikTok users without verifying legal guardianship.
Instagram received its first fine in 2022 after the platform set children’s accounts to “public” by default.