LONDON — Meta was fined roughly $400 million for breaking European Union data privacy laws for its treatment of children’s data on Instagram, the latest in a series of steps by authorities in Europe and the United States to crack down on what information is collected and shared by companies about young people online.
Ireland’s Data Protection Commission said it decided on Sept. 2 to impose what would be one of the largest fines to date under the General Data Protection Regulation, or G.D.P.R., the four-year-old European data privacy law that has been criticized for being weakly enforced.
Policymakers are attempting to better safeguard children’s data generated on social media, online video games and other internet services. California lawmakers last week passed a law that would require many online services to increase protections for children. Britain passed a similar law last year.
Politico first reported the fine.
Meta said it disagreed with the decision and planned to appeal, setting up what could be a lengthy legal process. The company said the inquiry focused on old settings that were updated over a year ago, and that it has since added several more features to improve the safety of young users.
“Anyone under 18 automatically has their account set to private when they join Instagram, so only people they know can see what they post, and adults can’t message teens who don’t follow them,” the company said in an emailed statement.
The fine far exceeds any others to date by Ireland against Meta, reflecting regulators’ broader efforts to address the potentially harmful effect that social media and the internet have on young people.
Irish officials have said that the cases take time. Last year, regulators fined Meta 225 million euros for violations related to the messaging service WhatsApp. In March, the authorities fined the company 17 million euros over a data breach.
In a separate case, the country has threatened to force Meta to stop moving data from European users to the company’s U.S. data centers. That dispute stems from a court decision that said data from Facebook and Instagram users in Europe was not protected from American surveillance agencies that have legal access to information about international users.