TikTok, the popular Chinese-owned social media app, has been hit with a €345 million fine for violating teens’ privacy in Europe. The Irish Data Protection Commission (DPC) found that TikTok failed to protect teens’ personal data by making their accounts publicly accessible by default. It also found that the app did not do enough to tackle the risks that just over 13 users could face in its app.
The DCP fined TikTok in September this year because minors may have been exposed to risky content. The probe covered the five-month period from July 2020 to December 31, 2020. It found that TikTok’s data processing during this period violated the provisions of the General Data Protection Regulation regarding children aged 13 to 17 years old.
Ireland’s data regulator is responsible for all probes into TikTok under the General Data Protection Regulation. This is because the company currently has an EU base in Dublin. However, given that the alleged infringements are EU-wide, the European Data Protection Board must approve the final decision.
Gizchina News of the week
Details of the Fine
The €345 million fine is the largest-ever privacy fine for TikTok and the fifth-largest fine imposed on any tech company under the General Data Protection Regulation (GDPR). The DPC found that TikTok had contravened GDPR by placing child users’ accounts on a public setting by default, failing to supply transparent information to child users, allowing an adult accessing a child’s account on the “family pairing” setting to enable direct messaging for over-16s, and not properly taking into account the risks posed to under-13s on the platform who were placed on a public setting. The DPC ordered TikTok to bring its processing mechanisms into compliance within three months.
TikTok’s Response
TikTok said it will comply with the order to change misleading designs. It will do this by extending such default privacy settings to the accounts of new users. This is mostly for users between the ages of 16 and 17 later in September. It will also roll out changes to the pop-up young users get when they first post a video. These changes will rollout in the next three months. TikTok added that the DPC’s criticisms are focused on features and settings that were in place three years ago. The company said it has since made changes to address the problems raised by the inquiry. The company also confirmed that it has appealed the fine to the EU’s General Court.
Final Words
TikTok’s €345 million fine for violating teens’ privacy in Europe is a huge development in the ongoing debate over online privacy and regulation. The fine is a reminder that companies must take steps to protect their users’ personal data. TikTok’s response to the fine shows that they are taking steps to address the issues raised by the DPC. However, the company is also appealing the fine at the EU’s General Court.