A European Union regulatory authority has imposed a hefty fine of 345 million euros on the Chinese-owned social media giant, TikTok, for breaching child data protection regulations. This move marks the latest in a series of actions taken by the EU against the business practices of major tech conglomerates.
This substantial fine, equivalent to $369 million, is the result of a two-year investigation conducted by Ireland’s Data Protection Commission (DPC).
The Irish regulatory body, which plays a pivotal role in enforcing the EU’s stringent General Data Protection Regulations (GDPR), has granted TikTok a three-month window to bring its data processing practices in line with regulatory requirements.
The DPC initiated its examination of TikTok’s compliance with GDPR in September 2021, specifically focusing on platform settings and the processing of personal data concerning users under the age of 18.
While the investigation found no infringement in TikTok’s age verification procedures for individuals under the age of 13, it did identify lapses in the platform’s assessment of the risks associated with younger users registering on the service.
The DPC’s ruling, issued on Friday, underscored that children signing up for TikTok accounts had their profiles set to “public” by default, allowing unrestricted access to their content and comments from anyone.
Furthermore, the regulator criticized TikTok’s family pairing feature, designed to link parent accounts to those of their teenage children, as the company failed to adequately verify the parent or guardian status.
Ireland holds a pivotal role in the GDPR landscape due to hosting the European headquarters of TikTok and major tech giants like Google, Meta, and X (formerly Twitter).
In a separate incident earlier this year, the DPC imposed a record-breaking fine of 1.2 billion euros on Meta for transferring EU user data to the United States, in violation of a previous court ruling.
TikTok, a subsidiary of the Chinese tech behemoth ByteDance, enjoys immense popularity among young audiences, boasting 150 million users in the United States, 134 million in the European Union, and Africa’s Kenya is currently the top country in terms of TikTok usage worldwide.
TikTok Responds to EU’s Fine of 345 Million Euros Over Child Data
In response to the fine, TikTok expressed its respectful disagreement with the verdict and stated that it is currently evaluating its course of action. The platform highlighted that the DPC’s criticisms were primarily directed at features and settings that were already modified well before the commencement of the investigation, such as setting all accounts of users under 16 to “private” by default. TikTok maintains that it diligently monitors user ages and takes necessary actions as required.
The platform also disclosed that it had deleted nearly 17 million accounts worldwide in the first quarter of this year due to suspicions that users were under the age of 13.
Earlier this month, TikTok fulfilled its promise by opening a long-awaited data center in Ireland as part of its efforts to address concerns in Europe regarding data privacy.
GDPR, which came into effect in 2018, remains the European Union’s most stringent and well-known legislation governing technology companies, requiring citizens’ consent for the use of their personal data.
This fine follows the recent announcement of stringent new regulations targeting digital giants, including Apple, Meta (owner of Facebook), and ByteDance, with the aim of reforming their business practices.
