Ireland's Data Protection Commission has received complaints that Instagram is making children's personal data public.
Ireland's Data Protection Commission (DPC) has launched two inquiries into Facebook Inc after the social network giant's handling of children's personal data on Instagram raised concerns.
The DPC, the main data privacy regulator in the European Union, received complaints from individuals and had identified "potential concerns" in relation to the processing of children's data on Instagram, Deputy Commissioner Graham Doyle said in an emailed statement on Sunday.
Both inquiries were launched last month, Doyle said.
Facebook did not immediately respond when contacted by Reuters on Sunday.
The Telegraph, which first reported the inquiry, said Instagram made the email addresses and phone numbers of users under 18 public.
The Irish regulator launched its probe following a complaint by David Stier, a US data scientist, The Telegraph added.
The first inquiry looks to establish if Facebook has the legal basis to process the data and whether it employs adequate protections and/or restrictions on Instagram.
"This inquiry will also consider whether Facebook meets its obligations as a data controller with regard to transparency requirements in its provision of Instagram to children," Doyle said.
Instagram's profile and account settings will be the focus of the second inquiry, examining whether the social media company is adhering to the regulator's data protection requirements.
Ireland hosts the European headquarters of a number of US technology firms, making the DPC the EU's lead regulator under the bloc's General Data Protection Regulation's "One Stop Shop" regime introduced in 2018.
The new rules give regulators the power to impose fines for violations of up to 4 percent of a company's global revenue or $22 million (20 million euros), whichever is higher.