A probe found that TikTok accounts belonging to teens were public by default during the sign-up process, allowing anyone to view and comment on their videos
ADVERTISEMENTEuropean regulators slapped TikTok with a €345 million fine Friday for failing to protect children's privacy. It's the first time the popular short video-sharing app has been punished for breaching Europe's strict data privacy rules.
Ireland's Data Protection Commission, the lead privacy regulator for Big Tech companies whose European headquarters are predominantly in Dublin, said it was fining TikTok and reprimanding the platform for the violations dating back to the second half of 2020.
The Commission's investigation also found that the default settings posed a risk to children under 13 who had gained access to the platform even though they were underage.
In addition, the Commission ruled that a 'family pairing' feature designed for parents to manage settings was not strict enough, allowing adults to turn on direct messaging for users aged 16 and 17 without their consent.
The platform also nudged teen users into more 'privacy intrusive' options when signing up and posting videos, the watchdog said.
TikTok said in a statement that it disagrees with the decision, “particularly the sum of the fine imposed.”
The company pointed out that the regulator's criticisms focused on features and settings dating back three years. TikTok said it had made changes well before the investigation began in September 2021, including making all accounts for teens under 16 private by default and disabling direct messaging for 13 to 15-year-olds.
“Most of the decision’s criticisms are no longer relevant as a result of measures we introduced at the start of 2021 — several months before the investigation began,” TikTok's head of privacy for Europe, Elaine Fox, wrote in a blog post.
Not fast enough
The Irish regulator has been criticised for not moving fast enough in its investigations into Big Tech companies since EU privacy laws took effect in 2018. For TikTok, German and Italian regulators disagreed with parts of a draft decision issued a year ago, delaying it further.
To avoid new bottlenecks, the Brussels headquarters of the 27-nation bloc has been given the job of enforcing new regulations to foster digital competition and clean up social media content — rules aimed at maintaining its position as a global leader in tech regulation.
The Irish watchdog also examined TikTok’s measures to verify whether users are at least 13 but found they didn’t break any rules.
The regulator is still carrying out a second investigation into whether TikTok complied with the EU’s General Data Protection Regulation when it transferred users' personal information to China, where its owner, ByteDance, is based.
TikTok has faced accusations it poses a security risk over fears that users' sensitive information could end up in China. It has embarked on a project to localise European user data to address those concerns: opening a data centre in Dublin this month, which will be the first of three on the continent.
Instagram, WhatsApp and their owner Meta are among other tech giants that have been hit with big fines by the Irish regulator over the past year.
