Irish authorities imposed a fine on TikTok of $368 million. The huge fine concerns failures to protect the privacy of minors using the app.
The Irish Data Protection Commission (DPC) has decided on a huge fine for TikTok. The investigation into the violation of the GDPR provisions has been ongoing since September 2021, and the verdict in the case was finally announced recently.
TikTok with a huge fine in Ireland – it’s about violating the GDPR
According to the regulator, TikTok allegedly violated several points of the European General Data Protection Regulation. DPC examined the period from July 31 to December 31, 2020 and included minors aged 13 to 17.
The allegations against the company concerned deficiencies in user account settings, which were public by default – all published content was visible to both other people present on the platform and Internet users outside the website. Another problematic issue concerned the formation of the parent-child pair. TikTok allegedly improperly checked whether the parent account actually belonged to a person’s parent.
Further deficiencies allegedly concerned, among others: non-transparent information on the processing of minors’ personal data, or the use of the so-called dark patterns, encouraging you to give up your privacy rights at the account registration stage.
TikTok responds to Ireland
In a post on its official blog, TikTok “respectfully disagrees with several aspects of the regulator’s decision,” including the amount of the fine.
The changes include new countermeasures, including making the accounts of users aged 13-15 private by default. Popular entries such as Duet and Stitch have been changed so that other users cannot “join” materials created by people under 16 years of age.