According to the Irish data protection authority DPC, which is responsible for the EU, the popular video service TikTok has violated European data protection law. He therefore has to pay a fine of 345 million euros. The trigger was an investigation into the handling of user data from minors between the end of July and the end of December 2020.
TikTok violated the General Data Protection Regulation (GDPR) by processing data from users aged 13 to 17, according to a statement from the European Data Protection Board. These users were offered a default setting through which their contributions could be published by default for everyone to see. The comment function in the profiles was also accessible to all other users as a default.
The design of the buttons in a pop-up window encouraged the children to post their contribution “now” and publicly. If they wanted to post their post as “private,” they would have first had to select “Cancel” and then go to the privacy settings, the data protection advocates explain. In addition, the consequences that the various hiring options had were unclear.
In a statement, TikTok expressed disagreement with the amount of the fine. The Irish Data Protection Authority did not conclude that TikTok’s age verification violated the GDPR. “In addition, most of the criticisms of the decision are no longer relevant due to measures that we introduced at the beginning of 2021, several months before the investigation began.” This means that all accounts of users under the age of 16 have been set to “private” by default. This month, TikTok plans to preset accounts for 16- to 17-year-old new users as “private.”
In addition to the fine, TikTok was asked to bring data processing into compliance with the European General Data Protection Regulation (GDPR) within three months. The previous record fine under the GDPR of 1.2 billion euros was imposed on the Facebook group Meta in May.
Data centers in Ireland and Norway
TikTok is currently moving data from European users to a new data center in Ireland. Another data center in Ireland and one in Norway are currently being built. By the end of 2024, European user data will be transferred there and stored there by default. The DPC has been responsible for Tiktok since July 2021.
Recommended editorial content
With your consent, an external survey (Opinary GmbH) will be loaded here.
Always load surveys Load survey now
TikTok wants to gain trust in Europe with the plan called “Project Clover”. The video app has a difficult political position in the West because it is owned by the Chinese company Bytedance. The EU Commission and several European governments banned the use of the app on their employees’ work cell phones. With “Project Clover,” TikTok wants to guarantee that access to personal data of European users is strictly regulated and transparent.
To the home page
#Data #protection #regulator #imposes #fine #million #euros #TikTok