The European Union's privacy-focused General Data Protection Regulation (GDPR) has resulted in a fine of over 400 million euro for the photo sharing website.
The penalty was handed down by the Irish Data Protection Commission over the handling of childrens privacy settings on the app.
The size of the fine, which is expected to be announced in the coming days, was leaked to a news site.
The DPC looked at the processing of children's data and found that some information was visible. Children's accounts were set to public by default.
The inquiry focused on old settings that we updated over a year ago, and we have since released many new features to help keep teens safe.
Everyone under the age of 18 has their account set to private when they join, so only people they know can see what they post, and adults can't message teens who aren't following them. We are carefully reviewing the final decision of the DPC. Next week, we should know if Meta will appeal the fine.
Even though it has faced criticism over the way it handles privacy for younger users, controlling precisely who uses the app is a challenge. You have to be at least 13 years old to set up an account on the photo sharing site, but it took nine years for it to ask users their age. Children can lie about their birth date to keep the setup going.
In recent years, the app has made more effort to protect children's privacy, as well as other features to make it safer for younger users.
The fine is the second-biggest financial penalty to be handed down since the privacy-focusedGDPR came into force, after Amazon was fined 746 million euros in 2021.
The company owned by Meta has been fined three times by the Irish regulators, the most recent of which was a penalty for Facebook. More fines could be coming down the track for the U.S. giant because the Irish DPC is still investigating six other Meta-owned companies.
There is a recommended video.