NEWS
TikTok Fined $368 Million By EU Regulators For Failing To Protect Children’s Privacy
Courtesy of Xinhua
Ireland’s Data Protection Commission on Friday announced a $368 million fine against TikTok for failing to protect children’s privacy in violation of Europe’s General Data Protection Regulation (GDPR) laws.
The DPC launched its investigation in 2021, examining TikTok’s processing of children’s data during the period from July 31, 2020 to Dec. 31, 2020. The probe looked at TikTok features including public-by-default account settings; “family pairing” settings; and age verification as part of the registration process.
According to the regulator, profile settings for teen users were set to public by default, allowing anyone, on or off the platform, to view their content. The setting “also posed several possible risks to children under the age of 13 who gained access to the platform,” even though they are not allowed, the DPC said.
The family pairing feature, introduced in 2020 to allow parents to manage their children’s settings, did not verify that the paired adult user was actually a parent or guardian, the DPC said.
The setting allowed an adult user who could not be verified as a child user’s parent or guardian to pair their account to a child’s account. The adult user could then enable direct messages for child users age 16 or 17, without the teen’s consent, “which posed severe possible risks to child users,” the DPC said.
The regulator said TikTok failed to provide sufficient transparency on these features and settings to child users.
The DPC also found TikTok infringed the GDPR principle of fairness, by implementing “dark patterns” that pushed users to choose more privacy-intrusive options during the registration process and when posting videos.
The order includes administrative fines of 345 million euros and an order for TikTok to being their data processing into compliance with the GDPR.
TMX contributed to this article.
