TikTok has been fined €345 million for breaching privacy laws regarding the processing of children's personal data in the European Union, its lead regulator in the bloc said on September 15. (EPA-EFE/RITCHIE B. TONGO)

Consumer rights News

TikTok fined 345 million euros over handling of children’s data in Europe

2 minutes read
Avatar for Reuters

TikTok has been fined €345 million for breaching privacy laws regarding the processing of children’s personal data in the European Union, its lead regulator in the bloc said on September 15.

The Chinese-owned short-video platform, which has grown rapidly among teenagers around the world in recent years, breached a number of EU privacy laws between July 31, 2020, and Dec. 31, 2020, Ireland’s Data Protection Commissioner (DPC) said in a statement.

It is the first time ByteDance-owned TikTok has been reprimanded by the DPC, the lead regulator in the EU for many of the world’s top tech firms due to the location of their regional headquarters in Ireland.

A spokesperson for TikTok said it disagreed with the decision, particularly the size of the fine, and that most of the criticisms are no longer relevant as a result of measures it introduced before the DPC’s probe began in September 2021.

The DPC said TikTok‘s breaches included how in 2020 accounts for users under the age of 16 were set to “public” by default and that TikTok did not verify whether a user was actually a child user’s parent or guardian when linked through the “family pairing” feature.

TikTok added tougher parental controls to family pairing in November 2020 and changed the default setting for all registered users under the age of 16 to “private” in January 2021.

TikTok said on Friday it plans to further update its privacy materials to make the differences between public and private accounts clearer and that a private account will be pre-selected for new 16-17-year-old users when they register for the app from later this month.

The DPC gave TikTok three months to bring all its processing into compliance where infringements were found.

It has a second probe open into the transferring by TikTok of personal data to China and whether it complies with EU data law when moving personal data to countries outside the bloc. In March the DPC said it was preparing a preliminary draft decision into that investigation.

Under the EU’s General Data Protection Regulation (GDPR), introduced in 2018, the lead regulator for any given company can impose fines of up to 4% of the company’s global revenue.

The DPC has hit other tech giants with big fines, including a combined 2.5 billion euros levied on Meta.

It had 22 inquiries open into multinationals based in Ireland at the end of 2022.

Key Topics

More like this

TikTok was fined 530 million euros ($600 million) by its lead EU privacy regulator on May 2 over concerns on how it protects user information and was ordered to suspend data transfers to China if its processing is not brought into compliance within six months. (Photo by Chesnot/Getty Images)
News

TikTok fined €530 million by EU regulator over data protection

By Reuters

TikTok, Shein, Xiaomi and three other Chinese companies were named in a privacy complaint filed on January 16 by Austrian advocacy group Noyb, which alleged the firms were unlawfully sending European Union user data to China. (Photo Illustration by Asanka Ratnayake/Getty Images)
News

TikTok, five other Chinese firms hit by EU privacy complaints

By Reuters

Bureaucracy

European Commission says TikTok violates Digital Services Act, risking mega fine

By Carl Deconinck

Co-President of the French National Digital Council, Gilles Babinet, warned that social media "in their current forms are not compatible with democracy." (Photo by Matt Cardy/Getty Images)
Democracy

‘Social media incompatible with democracy,’ warns French digital council

By Anne-Laure Dufeal