TikTok was penalized €345 million (£296 million) by Irish regulators for abusing children’s privacy.
In particular, age verification and privacy settings were mentioned in relation to how the social media app handled children’s data in 2020.
The fine is the largest one that TikTok has ever faced from authorities.
A social media company “respectfully disagree[s] with the decision, particularly the level of the fine imposed,” according to a spokeswoman.
The complaints, according to the company, “are centered on features and settings that were in place three years ago and that we changed well before the investigation even started, such as setting all under 16 accounts to private by default.”
In accordance with the EU’s General Data Protection Regulation (GDPR), Ireland’s Data Protection Commission (DPC) imposed the penalties.
Companies must abide by the requirements outlined by GDPR when processing customer data.
According to the DPC, TikTok had not been clear enough with kids about its privacy settings, and there were concerns expressed about how their data was used.
The investigation also discovered that accounts created by users between the ages of 13 and 17 were made public by default upon registration, making the content they uploaded accessible to everyone, according to Data Protection Commissioner Helen Dixon, who spoke to BBC News.
Because of the way TikTok designed the platform, Ms. Dixon stated, “that is specifically at their fault because it violated the data protection by design and by the default requirements of the GDPR.”
The company has three months to fully comply with GDPR in all aspects of data processing.
Prof. Sonia Livingstone, a researcher at the London School of Economics and Political Science who examines children’s digital rights and experiences, applauded the DPC’s choice.
“[Children] want to engage in the digital world without falling victim to manipulation or exploitation. Because privacy is a child’s right, platforms must, she continued, “explain how their data is handled and, more importantly, handle their data fairly.
The question of whether TikTok smuggled data from the EU to China is still being investigated. ByteDance, a company based in Beijing, owns TikTok.
Euro penalties
Even while the fine is in the hundreds of millions of dollars, it is actually less severe than other fines that have been imposed recently, such as the €1.2 billion (£1 billion) charge that Meta received from the regulator in May for improperly handling customer data during transfers between Europe and the United States.
However, it is significantly higher than the £12.7 million fine TikTok received from the UK data authority in April for allowing minors to use the network in 2020.
The DPC’s fine expressly refers to 2020, and TikTok made a number of changes to become more compliant in the years that followed.
In January 2021, it became one of the first social media platforms to make accounts for users between the ages of 13 and 15 private by default.
This month, it will also bring in a modification that would make all 16 and 17-year-olds who sign up for the platform’s services have their accounts turned to private by default.
