Physical Address

304 North Cardinal St.
Dorchester Center, MA 02124

TikTok Fined $367 Million for Mishandling Children’s Data

TikTok Fined €345 Million for Violating EU Data-<a href="" class="st_tag internal_tag " rel="tag" title="">Privacy Laws</a>

TikTok Fined €345 Million for Violating EU Data-Privacy Laws

Key Takeaways:

  • Ireland’s Commission (DPC) has fined TikTok €345 million for violating the EU’s data-privacy laws.
  • TikTok has been ordered to bring its processing into compliance with Europe’s General Data Protection Regulation (GDPR) within three months.
  • The DPC found that TikTok’s signup process for teenage users resulted in public accounts by default and its “family pairing” feature allowed unauthorized access to child users’ direct messages.
  • TikTok disagrees with the decision, claiming that the criticisms are focused on features and settings that have been changed since the began.
  • TikTok plans to roll out additional changes to strengthen the privacy of younger users.

TikTok, the popular video app maker, has been fined €345 million (about $367 million) by the Irish Data Protection Commission (DPC) for violating the European Union’s data-privacy laws concerning the processing of information on children users. The DPC has also ordered TikTok to bring its processing into compliance with Europe’s General Data Protection Regulation (GDPR) within three months.

During an investigation into TikTok’s practices in the latter half of 2020, the DPC discovered that the app’s signup process for teenage users made their accounts public by default, exposing their videos to anyone for viewing and commenting. The DPC also found that TikTok’s “family pairing” feature, which was supposed to allow parents and guardians to manage their children’s accounts, failed to verify the between the user and the child. Additionally, the feature allowed adult users to enable direct for child users older than 16, thus compromising their privacy.

While the DPC concluded that TikTok’s age verification process did not violate GDPR, determined that the app had not adequately protected the privacy of children under the age of 13 who were able to sign up for an account. TikTok, however, disagrees with the decision and claims that the criticisms are directed at features and settings that were in place three years ago and have since been changed, such as setting all under 16 accounts to private by default.

In response to the fine and from the DPC, TikTok’s head of privacy for Europe, Elaine Fox, stated that the company would evaluate its next steps. TikTok has made efforts to strengthen the privacy of younger users by making all existing and new accounts for 13- to 15-year-olds private by default since January 2021. Additionally, the company plans to roll out a redesigned account registration flow that will pre-select “private account” for new 16- and 17-year-old users.

This is not the first time TikTok has faced fines for privacy-related issues. Earlier this year, the U.K.’s Information Commissioner’s (ICO) fined the platform over $15 million for allegedly failing to enforce rules that prohibit children under the age of 13 from using TikTok without parental consent. In 2019, TikTok also paid a $5.7 million fine to settle allegations by the U.S. Federal Trade Commission (FTC) that it had violated the Children’s Online Privacy Protection Act (COPPA).

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *