Regulators in Europe are laying out fines for companies that come up short in data protection. The UK Information Commissioner’s Office has recently hit British Airways for £20 million, over a data breach involving 400,000 customers. Ireland’s Data Protection Commission, meanwhile, came into existence in 2018 and acts as the EU’s GDPR compliance regulator. During these two years, the office has had to contend with decisions involving Twitter, Facebook and WhatsApp. Now in the DPC’s sights is Instagram (and thus Facebook again, by extension). Under question is children’s data, specifically whether the social media app had the legal right to process it, and whether or not it was properly handled and secured.
Relevant to these investigations is the fact that in 2019, data scientist David Stier noted that 60 million Instagram users under 18 were allowed to change their accounts to business profiles. Allegations arose that the company was then making these profiles publicly available, a claim which Facebook has since described as a “mischaracterization.” People can now, they assert, opt out of sharing their contact information entirely. Why minors’ user profiles were converting to business accounts, I’m not sure, but it has made more legal trouble for Facebook. Especially coming on the heels of another case, earlier this year, where Facebook was investigated over antitrust concerns, as well as potential misuse of its free Marketplace service in the EU. “We’re in close contact with the IDPC and we’re cooperating with their inquiries,” says Facebook.
In mostly unrelated news, hackers who target restaurants during this time are, in my mind, especially scummy. The industry is already struggling desperately in the face of limited dining or even countless restaurant closures. Financially, your average joint would just be unable to bear the strain a data breach would cost. Unsurprisingly, though, cyber criminals are still making the industry a target. It appears they’re starting big: Dickey’s Barbecue Pit is the largest barbecue chain in the US. Any customers who ate there between July 2019 and August 2020 appear to have had payment card data compromised through Point-of-Sale and put up for sale on the dark web in October.
About 156 of Dickey’s 469 locations were affected in this scheme, and 3 million people in total. Customers should, if they fall into this category, take precautionary steps in contacting their bank or credit card issuer, to alert them of potential fraud or discover if any has already occurred. Support your local restaurants where you can, but always be mindful of your payment account security.