TikTok Faces €345 Million Fine for Mishandling Children's Data in Europe
Updated: Jan 9
TikTok, the popular Chinese-owned short-video platform, has been fined €345 million ($370 million) by Ireland's Data Protection Commissioner (DPC) for violating privacy laws related to the processing of children's personal data in the European Union.
The DPC stated that TikTok breached several EU privacy laws between July 31, 2020, and December 31, 2020. This is the first time TikTok, owned by ByteDance, has faced reprimand from the DPC.
The DPC, which serves as the lead regulator for many top tech firms in the EU due to their regional headquarters being located in Ireland, found that TikTok defaulted accounts for users under the age of 16 to "public" and failed to verify whether a user was a child's parent or guardian when using the "family pairing" feature. TikTok made changes to address these issues, including implementing tougher parental controls and changing the default setting for users under 16 to "private."
TikTok expressed disagreement with the DPC's decision, particularly regarding the size of the fine. The company stated that most of the criticisms are no longer relevant as they had already implemented measures before the DPC's investigation began in September 2021. TikTok plans to update its privacy materials to provide clearer information about the differences between public and private accounts.
The DPC has given TikTok three months to bring its data processing practices into compliance. Additionally, the DPC is conducting a separate investigation into TikTok's transfer of personal data to China and whether it complies with EU data laws when transferring data outside the bloc.
Under the EU's General Data Protection Regulation (GDPR), the lead regulator for a company can impose fines of up to 4% of its global revenue. The DPC has previously issued significant fines to other tech giants, including a combined €2.5 billion on Meta (formerly Facebook).
TikTok has been fined €345 million for breaching privacy laws regarding children's data in the EU.
The violations occurred between July 2020 and December 2020.
TikTok defaulted accounts for users under 16 to "public" and failed to verify parental consent.
Source: Reuters