TikTok accused of violating children's privacy laws
(Baonghean.vn) - On September 15, European regulators announced that they would fine TikTok $368 million for violating European children's privacy regulations.
It is also the first time the popular Chinese-owned short video sharing app has been punished for violating Europe's strict data privacy rules.
Ireland's Data Protection Commission, the top privacy regulator for Big Tech companies headquartered in Europe, said it will fine TikTok $368 million and reprimand the platform for violations since the second half of 2020.
The investigation found that the registration process for child users resulted in accounts being set to public by default, allowing anyone to view and comment on videos posted by children. Those default settings also put children under 13 at risk of gaining access to the platform when they were not supposed to.
Additionally, TikTok’s Family Pairing feature, designed to help parents manage settings, was not strict enough, allowing adults to enable direct messaging for users as young as 16 and 17 without their consent. And it gave young users more “privacy-invasive” options when signing up and posting videos, the watchdog said.
Regarding this issue, TikTok said in a statement that they disagree with this decision, especially the fine applied.
The company pointed out that the regulator’s criticism focused on features and settings that were in place three years ago. TikTok said it had made several changes before the investigation began in September 2021, including making all accounts for teens under 16 private by default and disabling direct messaging for teens ages 13 to 15.
“Most of the criticism of this decision is no longer relevant due to measures we put in place in early 2021 — months before the investigation began,” Elaine Fox, TikTok’s head of privacy in Europe, wrote in a blog post.
The Irish regulator has been criticized for not moving quickly enough in its investigations into Big Tech companies since the European Union's (EU) privacy law came into effect in 2018. For TikTok, German and Italian regulators disagreed with parts of a draft decision issued a year ago, causing further delays.
To avoid new bottlenecks, the 27-nation EU bloc’s law enforcement agencies headquartered in Brussels have been tasked with enforcing new rules aimed at promoting digital competition and cleaning up social media content – rules aimed at maintaining its global leadership in enforcing tech regulations.
The regulator is still conducting a second investigation into whether TikTok complied with the EU's General Data Protection Regulation (GDPR) by transferring users' personal information to China, where parent company ByteDance is based.
TikTok has faced accusations that the short video platform poses a security risk over concerns that sensitive user information could be transmitted to China.
The GDPR was introduced by the EU in 2018 to protect users' privacy from unauthorized use of personal data by technology companies operating in the union. The GDPR applies to organizations within the EU, as well as companies based outside the EU. Companies that violate the GDPR can face fines of up to 4% of their global turnover.
Previously, a number of other technology “giants” were also fined by the Irish regulator for violating GDPR, including Meta - the parent company of social network Facebook, with fines of up to 2.5 billion Euros. As of the end of last year, the agency had conducted 22 investigations into multinational companies based in Ireland.
Ireland's regulator now plays a key role in making decisions on general data protection in the EU, as Dublin is home to the European headquarters of TikTok and other social media companies such as Google, Meta and X (formerly Twitter).
