To capitalise from data processing, companies must remain compliant with the regulations set by the GDPR. Consequently, regulators may impose fines from up to 2% of a company’s global turnover (if higher than 10m). It’s important to remember how to maintain data protection compliance.
Instagram Case 2022:
On the 5th of September 2022, Instagram was fined £349m due to infringements relating to children’s data privacy. The case details revealed Instagram to enabling easy access to phone numbers and email addresses when analytical features were upgraded on the platform.
Under article 8 of the GDPR, any individual under the age of 16 is not eligible to consent to data processing, without the consent of their parent or guardian. In this case, Instagram were to follow article 8(2) by implementing “reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over the child”
What can businesses learn from this?
To avoid this and ensure compliance, reasonable efforts must be made to ensure the data subject can be verified before processing their data.
WhatsApp Case September 2021:
On the 2nd of September 2021, WhatsApp was fined 225m euros for violating transparency requirements within their privacy policy. Under the GDPR, one key principles is the requirement to be transparent when processing data., meaning companies must provide information to their users on the processes conducted with their data.
As a response to WhatsApp’s recent data breach, a campaign was launched to show the importance of personal data. This involved an updated approach to the privacy policy, displaying the importance of WhatsApp’s built-in layers of privacy protections. The new privacy features include ‘Leaving groups silently, controlling who can see when you’re online, and screenshot blocking for ‘view once’ messages’. These new features have not only improved the GDPR compliance for the users but has allowed a boost in confidence from users through the increased transparency. It can be noted that the GDPR doesn’t only act as a regulatory control over a business, but also as a means to strengthen the trust from the customers standpoint.
To see how All Response Media stays complaint when processing cookies, read our Cookie Policy here.
FEATURED READS
Contact us
All Respnse Media are a Top 15 UK Advertising Agency. Find out how our media teams across London, Leeds and Amsterdam combine data science with TV, digital and offline advertising to expand your business and grow your brand.
ALL RESPONSE MEDIA SERVICES
