The social network TikTok was fined 345 million euros on Friday by the European Union for violating its data protection rules in the processing of information concerning minors.
Published on : Modified :
345 million euros. This is the amount of the fine that the European Union (EU) imposed on Friday September 15 on the social network TikTok for having violated its data protection rules (GDPR) in the processing of information concerning minors.
TikTok Technology Limited will have to pay “administrative fines totaling €345 million” and bring its operations into compliance within three months, the Irish Data Protection Commission (DPC) announced in a press release. , acting on behalf of the EU.
In September 2021, the DPC opened an investigation into this subsidiary of the Chinese giant ByteDance, very popular among young people, which today has 150 million users in the United States and 134 million in the European Union.
The offenses concerned related to the period between July 31 and December 31, 2020.
TikTok “respectfully disagrees” with the European decision
The Irish authority notes in particular in its decision that the registration of children on the platform was done in such a way that their accounts were defined as public by default.
Other problems related to the “family connection” mode, which allows you to link a parent’s TikTok account to that of their teenager. According to the decision, the company notably did not verify whether the associated user was actually the parent or guardian.
In addition, if the platform is in theory reserved for users aged at least 13, the DPC considers that TikTok did not properly take into account the risks posed to younger people who still managed to create an account.
TikTok “respectfully disagrees with the decision, in particular the level of the fine imposed”, reacted a spokesperson in a statement sent to AFP, specifying that the company “evaluates the next steps”, without decide on the possibility of appealing.
“The criticisms of the DPC focus on functionalities and parameters that were in place three years ago, and which we modified” shortly after, argued the company, noting for example that all accounts of People under 16 are now private by default.
Several fines already imposed on TikTok
The company claims to closely monitor the age of its users, and notably indicates that it deleted nearly 17 million accounts worldwide in the first three months of 2023 alone because they were suspected of belonging to people under 13 years old.
The Irish Data Protection Authority has jurisdiction to act on behalf of the EU because TikTok’s principal place of business in Europe is in Ireland.
This is not the first time TikTok has been fined for its handling of minors’ data. The social network was fined $5.7 million in the United States in 2019, 750,000 euros in the Netherlands in 2021 and 12.7 million pounds in the United Kingdom last April for comparable facts.
Regularly, social networks are accused of having harmful effects on younger users, for example by overexposing them to the seemingly ideal lives of other people or to inappropriate advertisements.
The French Parliament voted at the end of June to require platforms like TikTok, Snapchat or Instagram to verify the age of their users and the consent of parents when they are under 15 years old.
Friday’s sanction comes in a context of strengthening controls and legal procedures in the European Union, but also in the United States, against tech giants, from TikTok to GAFA (Google, Amazon, Facebook and Apple).
In May, Meta received a record fine of 1.2 billion euros from the Irish regulator for violating European data protection rules with its social network Facebook.
Faced with mistrust from public authorities, TikTok also announced at the beginning of September that it had started hosting the data of its European users in Ireland, in order to allay fears regarding its Chinese shareholders.