TikTok is hit with $368 million fine under Europe’s strict data privacy rules

LONDON – European regulators slapped TikTookay with a $368 million fine on Friday for failing to protect children’s privacy, the primary time that the preferred quick video-sharing app has been punished for breaching Europe’s strict data privacy rules.

Ireland’s Data Protection Commission, the lead privacy regulator for Big Tech corporations whose European headquarters are in large part in Dublin, mentioned it used to be fining TikTookay 345 million euros and reprimanding the platform for the violations courting to the second one part of 2020.

The investigation discovered that the sign-up procedure for youngster customers ended in settings that made their accounts public by way of default, permitting any person to view and touch upon their movies. Those default settings additionally posed a chance to kids under 13 who received get entry to to the platform despite the fact that they are no longer allowed.

Also, a “circle of relatives pairing” feature designed for parents to manage settings wasn’t strict enough, allowing adults to turn on direct messaging for users aged 16 and 17 without their consent. And it nudged teen users into more “privacy intrusive” options when signing up and posting videos, the watchdog said.

TikTok said in a statement that it disagrees with the decision, “particularly the level of the fine imposed.”

The company pointed out that the regulator’s criticisms focused on features and settings dating back three years. TikTok said it had made changes well before the investigation began in September 2021, including making all accounts for teens under 16 private by default and disabling direct messaging for 13- to 15-year-olds.

“Most of the decision’s criticisms are no longer relevant as a result of measures we introduced at the start of 2021 — several months before the investigation began,” TikTok’s head of privacy for Europe, Elaine Fox, wrote in a blog post.

The Irish regulator has been criticized for not moving fast enough in its investigations into Big Tech companies since EU privacy laws took effect in 2018. For TikTok, German and Italian regulators disagreed with parts of a draft decision issued a year ago, delaying it further.

To steer clear of new bottlenecks, the Brussels headquarters of the 27-nation bloc has been given the activity of imposing new rules to foster digital competition and clean up social media content — rules aimed toward keeping up its place as a global leader in tech regulation.

The Irish watchdog also examined TikTok’s measures to verify whether users are at least 13 but found they didn’t break any rules.

The regulator is still carrying out a second investigation into whether TikTok complied with the EU’s General Data Protection Regulation when it transferred users’ personal information to China, where its owner, ByteDance, is based.

TikTookay has confronted accusations it poses a safety chance over fears that users’ sensitive information could end up in China. It has launched into a venture to localize European person data to deal with the ones issues: opening a data center in Dublin this month, which would be the first of 3 in at the continent.

Instagram, WhatsApp and their proprietor Meta are amongst different tech giants which have been hit with large fines by way of the Irish regulator over the last yr.