The European Union’s chief data privacy regulator has fined TikTok €345M ($370M) for violating EU laws pertaining to the processing of children’s personal data, marking the first time the video platform has been punished by the privacy watchdog.
The Ireland-based Data Protection Commission (DPC) is reprimanding ByteDance-owned TikTok for violations dating back to late 2020 and has been investigating the company’s compliance with child data protection since 2021.
TikTok has been abusing its immense popularity with younger users to harvest their data and ignore safeguards to protect children. Not only does TikTok fail to verify the age of users and prevent children younger than 13 from joining the app, but its algorithms illegally process minors’ data to push harmful content. TikTok is not doing enough to protect children, and it must be punished for its violations.
This fine is heavy-handed and is not based on TikTok’s current policies regarding child data processing. TikTok has set the accounts of users 12-15 years old to private by default and it has created several protections to inform younger users about TikTok’s privacy policies. TikTok is always looking to improve, but it shouldn't be fined based on features that were present three years ago — before the DPC had even started its investigation.