TikTok, the popular social media platform, is feeling the heat as European Union regulators imposed a stunning $370 million fine for failing to adequately safeguard children’s personal data.
Ireland’s Data Protection Commission, representing the EU, found that TikTok’s default settings did not effectively protect the privacy of children. Additionally, the platform was cited for a lack of transparency in explaining how data was managed for it users who were 17 years old and younger. This marks the first penalty levied against TikTok by the EU for breaching data protection laws.
The EU decision is just the latest incident in which TikTok has dealt with privacy concerns. The platform has faced increased scrutiny from parents, policymakers, and regulators due to concerns over its practices for collecting data and potential impact on young users’ mental health. This is a major issue for the brand given a 2022 Pew Research Center survey revealing 67% of American teenagers use TikTok, with 16% using it frequently.
TikTok’s parent company, ByteDance, is headquartered in China, which has also bolstered concerns. Irish regulators are concurrently investigating whether TikTok unlawfully transfers user data from the EU to China, with results expected by year-end.
In the U.S., both state and federal policymakers have been working towards better regulating TikTok. Multiple government agencies have banned TikTok on work devices amid fears that the app could expose sensitive data to Beijing. There is currently a statewide ban on TikTok in Montana, and New York City has banned it from all government devices..
Within the EU, where TikTok boasts over 150 million monthly users, regulators have been critical of the company’s insufficient efforts to protect children’s data. Despite the platform’s age limit of 13, TikTok has been found in violation data protection rules by defaulting to public visibility for videos and posts, thereby exposing the youngest users’ information.
During the investigation, which covered activity from July 31, 2020, to December 31, 2020, regulators also found that TikTok failed to prevent those youngest users from circumventing age restrictions, including the enabling direct messaging.
In a statement provided to The New York Times, TikTok disputes the penalty, asserting that it had already made policy changes in 2021, setting accounts to private by default for users aged 13-15 and providing enhanced information about data collection to young users.
This isn’t TikTok’s first encounter with penalties for child data mishandling. In April, British regulators fined the company $15.8 million (£12.7 million) for failing to prevent children under 13 from signing up. In 2019, the precursor to TikTok, Musical.ly, settled for $5.7 million with the Federal Trade Commission over US child data protection violations.
TikTok has responded, saying, “We respectfully disagree with the decision, particularly the level of the fine imposed.” The company emphasized that it had already addressed many of the issues raised during the inquiry.
Cord Cutters News contacted TikTok for comment, and will update the story when the company responds.
With TikTok facing this substantial fine from the EU for its handling of child data, it has only amplified public concerns about its privacy practices and connection to China. The platform now confronts growing regulatory challenges both in Europe and the United States.