TikTok Fined $367 Million Over Alleged Mishandling of Children’s Data
TikTok has been fined €345 million — about $367 million — by an Irish regulatory agency, which ruled the app violated the EU’s data-privacy laws with respect to processing information on children users.
Ireland’s Data Protection Commission (DPC), in addition to the fine, ordered TikTok “to bring its processing into compliance” with Europe’s General Data Protection Regulation (GDPR) within three months.
During an investigation into TikTok practices spanning the second half of 2020, the DPC found that the app’s signup process for teenage users resulted in settings that made their accounts public by default, allowing anyone to view and comment on their videos. In addition, the regulator said, TikTok’s “family pairing” feature, intended to let parents and guardians manage their kids’ accounts, failed to verify whether the user was actually the child user’s parent or guardian. In addition, the adult user could use the “family pairing” feature to enable DMs for child users older than 16, “thereby making this feature less strict for the child user,” according to the DPC’s investigation.
In a statement, TikTok said, “We respectfully disagree with the decision, particularly the level of the fine imposed. The DPC’s criticisms are focused on features and settings that were in place three years ago, and that we made changes to well before the investigation even began, such as setting all under 16 accounts to private by default.”
Meanwhile, earlier this year the U.K.’s Information Commissioner’s Office (ICO) fined TikTok more than $15 million for allegedly failing to enforce rules under which children under the age of 13 are not allowed to use the social media platform without parental consent.
In 2019, TikTok paid a $5.7 million fine to settle FTC allegations that it violated the U.S. Children’s Online Privacy Protection Act (COPPA). Under the settlement, TikTok promised to come into compliance with the law.
Comments are closed.