TikTok Hit with €345 Million GDPR Fine by Irish Data Protection Commission
- Privacy Law In Canada
- Sep 15, 2023
- 1 min read
September 15th, 2023 --- The Irish Data Protection Commission (DPC) has imposed a fine of €345 million on TikTok for alleged violations of the EU General Data Protection Regulation (GDPR) concerning the protection of children's data. The violations pertain to TikTok's platform settings for children between July 31, 2020, and December 31, 2020.
The DPC's investigation found violations of various GDPR articles, including those related to data processing, data protection by design and by default, and transparency. Additionally, an article was added following a binding decision by the European Data Protection Board (EDPB) in August.
The EDPB focused on TikTok's pop-up notifications presented to children aged 13-17, highlighting concerns that they "failed to present options to the user in an objective and neutral way." The EDPB emphasized the responsibility of social media platforms to avoid presenting choices to users, especially children, in an unfair manner.
TikTok has been given three months to rectify the alleged GDPR contraventions. The Head of Privacy for Europe at TikTok, Elaine Fox, expressed disagreement with certain aspects of the decision, particularly the fine, and noted that measures were implemented in early 2021 to address the issues raised.
This enforcement action against TikTok is the latest in a series of significant fines imposed by the DPC in the past year, including a record €1.2 billion fine against Meta (formerly Facebook) in May.
Concerns over the DPC's enforcement process and delays in finalizing enforcement actions have drawn criticism from consumer groups. However, the DPC emphasizes the importance of following due process when investigating cases with potential high fines and significant impacts on businesses.
For more information please visit: