TikTok's Data Privacy Woes with a Heavy Price to Pay

Why do you put a fence around your front or backyard? Because you want to know the people that this is your property and no one is allowed to breach or destroy it, right? But what if your privacy is being compromised? TikTok, the enormously popular short-video platform owned by a Chinese business, is presently embroiled in a major controversy within the European Union (EU). It has been fined 345 million euros (equal to $368.2 million USD) for breaches in privacy rules relating to the management of children's data.

Surprising right? Well, its just the tip of the iceberg, stay tuned for more. The Data Protection Commissioner (DPC) of Ireland is the principal regulatory authority monitoring numerous multinational digital firms operating within the EU, given the strategic position of their regional headquarters in Ireland. Notably, this is the first time TikTok's parent business, ByteDance, has faced such harsh consequences at the hands of the DPC.

The transgressions unfolded within a specific timeframe, from July 31, 2020, to December 31, 2020. During this window, TikTok was found to be in breach of multiple EU privacy regulations. TikTok, a platform with meteoric growth in its teenage user base worldwide, drew criticism for various infringements.

One primary source of worry was TikTok's 2020 default option, which automatically established accounts for users under 16 as "public" by default. Furthermore, TikTok was chastised for its insufficient verification mechanisms for users claiming to be parents or guardians of underage users, notably in the context of the "family pairing" feature.

In response to these concerns, TikTok took steps to bolster parental controls within the family pairing feature in November 2020. Additionally, in January 2021, TikTok modified the default setting for all registered users under 16 to "private."

TikTok has announced efforts to overhaul its privacy documents to thoroughly address these issues. These changes are intended to make distinguishing between public and private accounts easier. Furthermore, TikTok plans to launch a pre-selected private account setting for new members aged 16-17 later this month.

The DPC has given TikTok a three-month timeframe to correct any procedural issues that do not comply with regulatory requirements.

Aside from the substantial penalties, the DPC is still investigating TikTok's policies regarding transferring personal data to China. This ongoing examination focuses on TikTok's compliance with EU data legislation while transmitting data to countries outside the EU.

Progress has been made in this investigation, with the DPC disclosing its preparations for a preliminary draft decision in March.

The central regulatory authority for a given firm has the right to levy fines of up to 4% of the company's global revenue under the European Union's General Data Protection Regulation (GDPR), which went into effect in 2018. The DPC has previously used similar jurisdiction to levy significant fines on other large digital companies, including a 2.5 billion euro fine on Meta.

So, TikTok, you're not alone in this regulatory rollercoaster. The lesson here is clear: when safeguarding children's data privacy, one must tread cautiously or navigate turbulent financial waters.


Read next: Autism Misinformation Has Become Extremely Common on TikTok
Previous Post Next Post