The European Union has imposed a substantial €345 million fine on the popular video-sharing platform TikTok for its failure to adequately protect children’s data. The penalty comes following a notice from Ireland’s Data Protection Commission (DPC), an EU data privacy authority, which cited eight privacy and information processing violations and issued a three-month ultimatum for the company to rectify its practices.
One of the key issues identified by the DPC was that TikTok’s default profile settings for children were set to ‘public,’ exposing their content to anyone. Additionally, the ‘Family Pairing’ feature, designed to allow parents to connect with their child’s content and send direct messages, was also accessible to all users, posing significant risks to these accounts.
TikTok’s failure to adequately inform users under the age of 16 about the potentially invasive privacy options while posting videos constituted a clear violation of the European Data Protection Board (EDPB) regulations and a significant breach of the General Data Protection Regulation (GDPR).
In response to the imposed penalty, TikTok has initiated an appeal while taking steps to address the privacy concerns. They have now made the videos posted by users aged 12-15 private by default and enabled customization of viewership for users below the age of 16.
To ensure compliance with the newly enforced regulations, the company, owned by ByteDance and based in Singapore, has revamped its user account registration process for individuals above 17 years of age. They have also restricted parents from sending direct messages to accounts marked as ‘Private.’
Previously, TikTok primarily catered to users under the age of 40, but during the lockdown period, the platform experienced a remarkable 45% increase in registrations from users aged 40 and above.
In light of these developments, the mobile application-driven business platform is committed to resolving these privacy issues discreetly, recognizing the potential adverse effects on its revenue. TikTok is determined to address data privacy concerns amicably, separate from the ongoing business endeavors of Douyin and its affiliated infotech platform, Musical.
