TikTok Faces Hefty €345 Million Fine for Violating Children’s Data Privacy Laws
The EU’s lead regulator fined TikTok €345 million ($370 million) on Friday for violating children’s privacy laws.
In a groundbreaking decision, Ireland’s Data Protection Commissioner (DPC), which serves as the lead regulator for many top tech companies in the European Union, levied a €345 million fine against TikTok.
DPC took punitive action against the social media giant for its non-compliance with EU privacy regulations, specifically those related to children’s data.
According to the DPC’s statement, the ByteDance owned company violated multiple EU privacy laws during the period from July 31, 2020, to December 31, 2020. One of the key issues cited was TikTok’s handling of accounts for users under 16, which were set to “public” by default.
Additionally, the “family pairing” feature did not adequately verify whether an adult linked to a child’s account was actually the parent or guardian.
The Regulatory Framework: GDPR and Fines
Under the General Data Protection Regulation (GDPR), established in 2018, a lead regulator can impose fines of up to 4% of a company’s global revenue. The DPC has a history of hitting tech giants hard. Moreover, it previously levied a combined €2.5 billion against Meta Platforms Inc., the company formerly known as Facebook.
In an official response, TikTok has disagreed with the DPC’s decision, questioning the magnitude of the fine. A company spokesperson said that TikTok had already addressed many of the issues by taking corrective actions before the DPC started its investigation in September 2021.
TikTok said it updated its privacy controls for family pairing in November 2020 and changed default settings for users under 16 to “private” in January 2021. The company also plans to make further updates to clarify distinctions between public and private accounts and will pre-select a private setting for new users between 16 and 17 years old.
Ongoing Investigation and Compliance Timeline
The DPC has given TikTok a three-month period to rectify all infringements. In parallel, another investigation is underway to examine TikTok’s data transfer practices to China and whether these are in compliance with EU data laws. In March, the DPC announced that it was preparing a preliminary draft decision on this separate but closely related issue.
As TikTok grapples with its first major regulatory setback in Europe, the case serves as a cautionary tale for other tech companies dealing with user data, especially that of minors. The implications of these fines and investigations are not only financial but also pose significant reputational risks.
It remains to be seen how TikTok and other social media giants will evolve their data protection measures following such scrutiny.
- Metaverse Is Transforming Modern Education, Claims Meta
- Thai PM Announces $16B ‘Digital Wallet’ Cash Handout to Boost Struggling Economy
- Virtuzone and TOKO Network Launch Dubai’s First Tokenized Web3 Crowdfunding Platform
Any data, text, or other content on this page is provided as general market information and not as investment advice. Past performance is not necessarily an indicator of future results.
The Trust Project is a worldwide group of news organizations working to establish transparency standards.