TikTok was penalised €345 million ($368 million) by Irish officials for abusing children’s privacy.
In particular, age verification and privacy settings were mentioned in relation to how the social networking app handled children’s data in 2020.
The fine is the largest ever that TikTok has ever faced from authorities.
TikTok’s spokesperson said it “respectfully disagree[s] with the decision, particularly the level of the fine imposed”. “The criticisms are focused on features and settings that were in place three years ago, and that we made changes to well before the investigation even began, such as setting all under 16 accounts to private by default,” the firm added.
In accordance with the EU’s General Data Protection Regulation (GDPR), Ireland’s Data Protection Commission (DPC) imposed the penalties. Companies must abide by the requirements outlined by GDPR when processing customer data.
According to the DPC, TikTok had not been clear enough with kids about its privacy settings, and there were concerns expressed about how their data was used.
The investigation also discovered that accounts created by users between the ages of 13 and 17 were made public by default upon registration, making the material they uploaded accessible to everyone, according to Data Protection Commissioner Helen Dixon, who spoke to BBC News.
Dixon said, “That is precisely at the hands of TikTok because of the way they designed the platform, and we say that infringed the data protection by design and by the default requirements of the GDPR.”
The company has three months to fully comply with GDPR in all aspects of data processing.
Even while the fine is in the hundreds of millions of dollars, it is actually less severe than other fines that have been imposed recently, such as the €1.2 billion ($1.27 billion) charge that Meta received from the regulator in May for improperly managing customer data during transfers between Europe and the United States.