TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.

TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.

The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union’s General Data Protection Regulation (GDPR) in relation to its handling of children’s data.

Some of the major findings include –

  • The content posted by child users was set to public by default, thereby allowing any individual (with or without TikTok) to view the material and exposing them to additional risks


  • A failure to provide transparency information to child users


  • The implementation of dark patterns to steer users towards opting for privacy-intrusive options during the registration process, and when posting videos


  • A weakness in the Family Sharing setting that allowed any non-child user (someone who could not be verified as a parent or their guardian) to pair their account to that of a minor’s, which made it possible for the adult user to enable direct messages for child users above the age of 16

In a statement shared on its website, the company disagreed with the decision and said that the criticisms are focused on features and settings that were in place three years ago, which have since been changed by setting all under 16 accounts to private by default. It’s immediately clear if the company intends to appeal the ruling.

TikTok was previously handed out a €5 million (about $5.4 million) fine by the French data protection watchdog in January 2023 for breaking cookie consent rules and for making the opt-out mechanism more complex than opting-in.

The development arrives days after California’s Attorney General announced that Google would fork out $93 million to settle a privacy lawsuit alleging it violated the U.S. state’s consumer protection laws by collecting users’ location data for consumer profiling and advertising purposes without informed consent.


Source: https://thehackernews.com/