TikTok Inc Fined 345 Million Euros by EU for Violating Data Protection
In a significant development, the European Union (EU) has fined TikTok Inc, the Chinese social media platform, a staggering 345 million euros for its mishandling of users’ personal data, particularly children and adolescents. The Irish Data Protection Commission (DPC), responsible for enforcing European data protection law, announced the fine after a thorough investigation that commenced in September 2021. This penalty marks the first enforcement action taken by the EU against TikTok for breaching data protection rules.
The EU’s Investigation into TikTok’s Data Protection Practices
The DPC investigation revealed a severe violation by TikTok wherein it defaulted the profiles of children aged 13 to 17 to a public setting. This default setting resulted in anyone on or outside of TikTok being able to see their content and contact them, thereby compromising their privacy and security. TikTok’s breach of EU data protection rules occurred during the period from July 31, 2020, to December 31, 2020, aligning with the timeframe under investigation by the DPC.
TikTok, which established an office in Ireland in 2020 and recently opened a site in Dublin to store EU citizens’ data, has been under scrutiny for its compliance with data protection regulations. This hefty fine comes at a time when social media platforms are being held accountable for lax privacy protection, with a specific focus on safeguarding children’s data.
A Rising Trend of Fines: Social Media Platforms and Privacy Protection
TikTok is not the only social media platform facing significant fines for privacy lapses. Meta, the parent company of Facebook, has also faced severe penalties and regulatory actions. In one instance, Meta was fined a record-breaking 1.2 billion euros and ordered to suspend the transfer of user data to the United States. Furthermore, Meta’s Instagram app was fined 405 million euros by the DPC in September 2022 for its failure to protect children’s data.
The rising number of fines against social media platforms highlights the urgent need for bolstered privacy protection measures across the industry. Such penalties serve as a strong signal that regulators are taking data protection seriously and are committed to holding companies accountable for mishandling user information.
TikTok’s Approach to Child User Privacy and Transparency
The DPC’s investigation exposed TikTok’s shortcomings in providing sufficient transparency to child users regarding the handling of their data. The platform’s policies pushed children toward more privacy-intrusive options and failed to adequately inform them about how their data was being used. TikTok did not specify the exact number of child users among its 134 million monthly EU users.
Moreover, TikTok could not verify if the adults associated with a child’s account were their parents or legal guardians. This verification lapse complicated the authorization process for children aged 16 and under to access direct messaging features, potentially exposing them to unsuitable content or unwanted interactions.
TikTok, owned by Beijing-based ByteDance, argued that it had already made significant policy changes before the investigation even began. The fine imposed by the EU raises questions about the adequacy and timeliness of these modifications in safeguarding user data.
TikTok’s Response and Future Measures
While TikTok expressed its disagreement with the EU’s decision and the level of the imposed fine, the platform’s spokesperson acknowledged the criticisms related to features and settings that were in place three years ago. TikTok emphasized the changes it had made since then, such as making all accounts for users below the age of 16 private by default.
Elaine Fox, TikTok’s head of privacy for Europe, promised that the platform would continue to strengthen the protection of adolescents. This commitment indicates an awareness of the need for enhanced privacy practices and a proactive approach to addressing potential vulnerabilities.
The European Data Protection Board’s Involvement
The European Data Protection Board (EDPB), an independent umbrella authority for data protection in the EU, has directed the DPC to further toughen its initial decision concerning TikTok’s data protection practices. The EDPB’s decision comes after objections raised by Italian and German data protection bodies. However, the amount of the imposed fine remains unchanged.
TikTok now has three months to comply with the EU’s decision and rectify its data protection practices. The DPC is also preparing to share its draft findings on TikTok’s data transfers to China with other European data protection agencies by the end of this year.
Conclusion
The EU’s fine of 345 million euros against TikTok Inc underscores the importance of stringent data protection measures, especially when it comes to safeguarding the privacy of children and adolescents. This penalty serves as a wake-up call for social media platforms, compelling them to prioritize user privacy and transparency or face severe consequences. TikTok’s case is just one among several recent instances where regulatory bodies have taken decisive action against companies for their handling of user data. As the digital landscape continues to evolve, it is paramount that platforms maintain a proactive approach in protecting user information and comply with data protection regulations.
Summary:
TikTok Fined for Mishandling Users’ Personal Data
- The European Union (EU) has fined TikTok Inc, the Chinese social media platform, 345 million euros for violating data protection rules.
- The Irish Data Protection Commission (DPC) found that TikTok defaulted the profiles of children aged 13 to 17 to a public setting, compromising their privacy and security.
- This breach occurred between July 2020 and December 2020, prompting the DPC investigation and subsequent enforcement action.
- TikTok’s fine reflects a growing trend of penalties against social media platforms for lax privacy protection.
- The EU’s action emphasizes the need for improved privacy measures and transparency, particularly when handling the data of child users.
- TikTok asserts that it had made policy changes before the investigation began and intends to strengthen its protection of adolescents in the future.
- The European Data Protection Board (EDPB) has directed the DPC to further enhance its decision, signaling a concerted effort to ensure strict data protection adherence.
—————————————————-
| Article | Link |
|---|---|
| UK Artful Impressions | Premiere Etsy Store |
| Sponsored Content | View |
| 90’s Rock Band Review | View |
| Ted Lasso’s MacBook Guide | View |
| Nature’s Secret to More Energy | View |
| Ancient Recipe for Weight Loss | View |
| MacBook Air i3 vs i5 | View |
| You Need a VPN in 2023 – Liberty Shield | View |
Receive free updates from TikTok Inc
We will send you a myFT daily summary email summarizing the latest TikTok Inc. news every morning.
TikTok has been fined 345 million euros by the EU over the way it handles users’ personal data of children and adolescents, the first imposed by the bloc on the Chinese social media platform.
The Irish Data Protection Commission, the regulator responsible for bringing TikTok technology under European data protection law, announced the fine on Friday after an investigation that began in September 2021.
The DPC investigation found that TikTok breached EU data protection rules by defaulting the profiles of children aged 13 to 17 to a public setting, meaning that anyone on or outside TikTok could see their content and contact them.
TikTok, which opened an office in Ireland in 2020 and this month opened a long-planned site in Dublin to store EU citizens’ data, has been the subject of a DPC investigation into its compliance during the period from July 31, 2020 to December 31, 2020.
The fine is the latest against social media platforms for lax privacy protection and comes as the DPC finalizes an investigation into TikTok over data transfers to China.
Meta, the owner of Facebook, received this year a Record fine of €1.2 billion and ordered to suspend transfers of user data to the United States. Meta’s Instagram app was fine of 405 million euros by the DPC in September 2022 for not having protected children’s data.
TikTok, which has 134 million monthly users in the EU, failed to provide child users with enough transparency about what was happening to their data and pushed them toward more privacy-intrusive options, a declared the DPC. TikTok does not specify how many of its users are children.
Additionally, in the context of a family match, it could not be verified that the adult associated with a child’s account was the parent or guardian and that this adult was able to authorize the most 16 years to access direct messaging features, the DPC said.
The social media app, which is owned by Beijing-based ByteDance, said it had changed its policies on most of the issues covered well before the investigation began and had not yet decided whether she would appeal.
“We respectfully disagree with the decision, particularly the level of the fine imposed,” a TikTok spokesperson said.
“The DPC’s criticisms relate to features and settings that were in place three years ago and that we changed well before the investigation even began, such as making all accounts private by default under 16s,” added the spokesperson.
In a statement, Elaine Fox, TikTok’s head of privacy for Europe, said the platform would “continue to strengthen the protection of adolescents.”
The DPC has been ordered by the European Data Protection Board, the sector’s independent umbrella authority, to toughen up the initial decision taken last year, following objections raised by Italian and German data protection bodies . But the amount of the fine remained unchanged.
TikTok has three months to comply with the decision.
The DPC plans to share its draft findings on its investigation into TikTok’s data transfers to China with other European data protection agencies by the end of this year.
—————————————————-