Data protection: TikTok will have to pay a fine of 345 million euros in Europe

Personal data TikTok called to order by the government

TikTok Technology Limited will have to pay “administrative fines totaling 345 million euros”, and bring its operations into compliance within three months, the Irish Commission for the Protection of Data announced this Friday, September 15 in a press release. data (DPC). This acts on behalf of the European Union (EU), because TikTok’s main establishment in Europe is in Ireland. The cause of the fine? The social network violated its European data protection rules (GDPR) in the processing of information concerning minors.

The DPC opened an investigation in September 2021 into this subsidiary of the Chinese giant ByteDance, very popular among young people, which today has 150 million users in the United States and 134 million in the European Union. The offenses concerned related to the period between July 31 and December 31, 2020.

The Irish authority notes in particular in its decision that the registration of children on the platform was done in such a way that their accounts were defined as public by default. Other problems related to the “family connection” mode, which allows you to link a parent’s TikTok account to that of their teenager. According to the decision, the company notably did not verify whether the associated user was actually the parent or guardian.

In addition, if the platform is in theory reserved for users aged at least 13, the DPC considers that TikTok did not properly take into account the risks posed to younger people who still managed to create an account.

TikTok “respectfully disagrees with the decision, in particular the level of the fine imposed”, reacted a spokesperson in a statement sent to AFP, specifying that the company “evaluates the next steps”, without decide on the possibility of appealing. “Criticism of the DPC focuses on features and settings that were in place three years ago, and which we changed” shortly after, the company argued. She notes, for example, that all accounts of people under 16 are now private by default.

17 million accounts deleted

The company also says it closely monitors the age of its users, and says it removed nearly 17 million accounts worldwide in the first three months of 2023 alone because they were suspected of belonging to people under 13 years old.

This is not the first time that TikTok has been fined for its processing of minors’ data: the social network was fined $5.7 million in the United States in 2019, $750,000 euros in the Netherlands in 2021 and 12.7 million pounds in the United Kingdom last April for comparable facts.

Regularly, social networks are accused of having harmful effects on younger users, for example by overexposing them to the seemingly ideal lives of other people or to inappropriate advertisements. The French Parliament voted at the end of June to require platforms like TikTok, Snapchat or Instagram to verify the age of their users and the consent of parents when they are under 15 years old.

This new sanction comes in a context of strengthening controls and legal procedures in the European Union, but also in the United States, against tech giants, from TikTok to GAFA (Google, Amazon, Facebook and Apple).

In May, Meta received a record fine of 1.2 billion euros from the Irish regulator for violating European data protection rules with its social network Facebook. Faced with mistrust from public authorities, TikTok also announced at the beginning of September that it had started hosting the data of its European users in Ireland, in order to allay fears regarding its Chinese shareholders.

lep-life-health-03