Instagram bans ad partner for improperly collecting user data

Instagram

Instagram banned an ad partner for scraping users’ publicly available information, in violation of its rules.


Thomas Trutschel/Photothek via Getty Images

Instagram has kicked a marketing startup off its platform after determining it improperly collected user data. The Facebook-owned social network took the action on Hyp3r after finding the startup scraped public data such as users’ physical locations, profile information and photos to serve better targeted ads.

Instagram sent a cease-and-desist letter to the San Francisco-based company on Wednesday after learning of the activity from Business Insider, which reported on the data collection earlier. Information collected by Hyp3r included data stored in Instagram Stories, content designed to disappear after 24 hours and not available through the company’s API.

“Hyp3r’s actions were not sanctioned and violate our policies,” an Instagram spokesperson said. “As a result, we’ve removed them from our platform. We’ve also made a product change that should help prevent other companies from scraping public location pages in this way.”

Instagram-owner Facebook has been under scrutiny since the revelation last year that consultancy Cambridge Analytica had misused Facebook user data in the run-up to the 2016 US presidential election. Since then, Facebook CEO Mark Zuckerberg has testified in front of Congress and the European Parliament to answer questions about Facebook’s handling of user data.

Hyp3r didn’t immediately respond to a request for comment and denied breaking Instagram’s rules to Business Insider.

“Hyp3r is, and has always been, a company that enables authentic, delightful marketing that is compliant with consumer privacy regulations and social network Terms of Services,” Hyp3r CEO Carlos Garcia said in an email. “We do not view any content or information that cannot be accessed publicly by everyone online.”

A portion of what Hyp3r is scraping comes from Instagram’s Location pages, which highlight images from public accounts that have been geo-tagged. This data was formerly visible to anyone, regardless of whether they are logged into an Instagram account.

A recently implemented fix cuts off access to this information if a user isn’t logged into their Instagram account. This new restriction will apply to all companies.