The European Union has imposed a fine of €345 million on TikTok for violating the rules regarding the protection of minors’ personal data.
TikTok Technology Limited has been ordered to pay “administrative fines totaling €345 million” and to bring its activities into compliance within three months, according to the Irish Data Protection Commission (DPC), which acts on behalf of the EU.
The DPC initiated an investigation in September 2021 into this subsidiary of the Chinese giant ByteDance, a social media platform particularly popular among young people, which now has 150 million users in the United States and 134 million in the European Union.
The investigations covered the period between July 31 and December 31, 2020.
The Irish authority emphasized in its decision that the registration of minors on the platform is done in such a way that their accounts are set to public by default.
Other issues related to the functioning of the “family pairing” feature, which allows the linking of a parent’s TikTok account with that of their child. According to the decision, the company does not verify whether the linked user is indeed a parent or guardian.
Furthermore, while the platform is theoretically intended for users over the age of 13, the DPC believes that TikTok did not adequately consider the risks for children under that age who managed to create accounts on the platform.
TikTok “disagrees with the decision, especially with the amount of the fine imposed,” a company spokesperson responded, stating that the company is “reviewing the next steps,” without specifying whether they will appeal the decision, as reported by the Greek news agency ANA-MPA.
“The DPC’s criticisms relate to features and parameters that existed three years ago and which we modified immediately afterwards,” the company argued, pointing out that all accounts of individuals under 16 are now set to private by default.
This is the first fine imposed by the Irish regulatory authority on ByteDance. Last May, the DPC imposed a record fine of €1.2 billion on Meta for violating European data protection regulations through the social media platform Facebook.
