On 31 December 2022, the Irish Data Protection Commission (DPC) issued its ruling in the investigation conducted into Meta Platforms Ireland Limited concerning its service Instagram, a user-generated content platform, for its data processing activities. The DPC fined Instagram for EUR 180 million for the identified data protection violations. In its ruling, the DPC directed Meta to change its policies to comply with the transparency data processing obligations within three months. In its investigation, the DPC found that Meta violated the transparency requirements by failing to clearly inform its users regarding its data processing policy and the legal basis used by the company to process the user's personal data was insufficient. The DPC found that Meta did not rely on users' consent to process personal data and relied on a "contract" to give legality to its processing activities, which was found to be insufficient as a legal basis for processing under General Data Protection Regulation.
Original source