TikTok has been thrust into the limelight, not for its viral dance trends or memes, but for a weighty €345 million fine ($368 million) the platform has recently been handed. This considerable penalty is the culmination of a probe by the Irish Data Protection Commission (DPC) into alleged violations of children’s privacy, specifically those aged between 13 and 17.
Ongoing Case for 3 Years
The inquiry, set rolling in September 2021, critically examined the process by which TikTok dealt with children’s data, in a period stretching from July 31 to December 31, 2020. Particular attention was given to how the company adhered to specific articles of the European Union’s General Data Protection Regulation (GDPR).
In the commission’s findings, the popular short-form video platform was found wanting in several aspects. Of primary concern was the default public visibility setting of children’s profile accounts, raising unsettling questions about broadcasted content visibility, both within and beyond the platform.
Are You The Mommy? TikTok Can’t Tell
The company’s ‘Family Pairing’ feature also caught the regulator’s eye for its inability to authenticate the status of parents or guardians. This opened a sizeable Pandora’s box, allowing non-child users to connect with accounts of minors who were 16 years or older. This not only draped a cloud of worry about potential risks but also gave the non-child user a green light to use Direct Messages.
Little Billy Vows to Burn His TikTok Hoody after Learning That The MegaCorp Doesn’t Care About Him.
Digging deeper, the DPC revealed that TikTok had not gone the extra mile in its transparency efforts to explain how it processed data, leaving younger users with an inadequate understanding of its procedures.
Furthermore, TikTok’s way of cunningly employing “dark patterns” during both the registration process and while posting, practically steered users to select options which imperiled their privacy, did not escape the regulator’s scrutiny.
The Irish Go Full Irish On TikTok
Disturbed by these findings, the Irish body saw it fit to slap TikTok with a mammoth, €345 million fine, for the privacy violations unearthed in the investigation. Alongside the hefty penalty, an official reprimand was given, and a stringent three-month window was set for TikTok to align its data processing practices with the prevailing regulatory standards.
Anu Talus, Chair of the European Data Protection Board, underlined that social media platforms like TikTok should refrain from nudging users, particularly young ones, into making decisions that might compromise their privacy. The choices related to privacy need to be offered neutrally, devoid of misleading language or design. As such, this regulatory decision intends to reiterate to all digital entities that the protection of children’s data demands full precaution. The fine amount is substantial in comparison to Google’s recent Privacy Faux Paux.
France Handed Out a French Version of a Fine
Earlier in the year, TikTok faced a €5 million penalty issued by France’s data protection authority, owing to alleged failings in informing users about its cookie usage and making it difficult for them to opt out.