TikTok Faces Hefty €345 Million Fine for Violating Children’s Data Privacy Laws

by Nik Asti

Published: September 15, 2023 at 9:25 am Updated: September 15, 2023 at 9:37 am

by Victor Dey

Edited and fact-checked:

In Brief

The EU’s lead regulator fined TikTok €345 million ($370 million) on Friday for violating children’s privacy laws.

In a groundbreaking decision, Ireland’s Data Protection Commissioner (DPC), which serves as the lead regulator for many top tech companies in the European Union, levied a €345 million fine against TikTok.

DPC took punitive action against the social media giant for its non-compliance with EU privacy regulations, specifically those related to children’s data.

According to the DPC’s statement, the ByteDance owned company violated multiple EU privacy laws during the period from July 31, 2020, to December 31, 2020. One of the key issues cited was TikTok’s handling of accounts for users under 16, which were set to “public” by default.

Additionally, the “family pairing” feature did not adequately verify whether an adult linked to a child’s account was actually the parent or guardian.

Under the General Data Protection Regulation (GDPR), established in 2018, a lead regulator can impose fines of up to 4% of a company’s global revenue. The DPC has a history of hitting tech giants hard. Moreover, it previously levied a combined €2.5 billion against Meta Platforms Inc., the company formerly known as Facebook.

In an official response, TikTok has disagreed with the DPC’s decision, questioning the magnitude of the fine. A company spokesperson said that TikTok had already addressed many of the issues by taking corrective actions before the DPC started its investigation in September 2021.

TikTok said it updated its privacy controls for family pairing in November 2020 and changed default settings for users under 16 to “private” in January 2021. The company also plans to make further updates to clarify distinctions between public and private accounts and will pre-select a private setting for new users between 16 and 17 years old.

Ongoing Investigation and Compliance Timeline

The DPC has given TikTok a three-month period to rectify all infringements. In parallel, another investigation is underway to examine TikTok’s data transfer practices to China and whether these are in compliance with EU data laws. In March, the DPC announced that it was preparing a preliminary draft decision on this separate but closely related issue.

As TikTok grapples with its first major regulatory setback in Europe, the case serves as a cautionary tale for other tech companies dealing with user data, especially that of minors. The implications of these fines and investigations are not only financial but also pose significant reputational risks.
It remains to be seen how TikTok and other social media giants will evolve their data protection measures following such scrutiny.

Read more:

Tags:

Disclaimer

Any data, text, or other content on this page is provided as general market information and not as investment advice. Past performance is not necessarily an indicator of future results.

The Trust Project is a worldwide group of news organizations working to establish transparency standards.

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

Nik Asti