2023-09-19 11:00:00
TECH – TikTok’s troubles continue. The European Union (EU) imposed a fine of 345 million euros on the Chinese social network on Friday September 15, 2023, for violating its data protection rules. TikTok’s processing of information relating to minors has been called into question by the Irish Data Protection Commission (DPC). Parent company ByteDance has three months to comply with the regulations. A few days after announcing the opening of data centers (data center, editor’s note) in Ireland to reassure the European authorities, TikTok, already restricted and blocked by several countries around the world, suffered another hard blow.
The Irish Data Protection Commission (DPC), is a data protection supervisory authority which acts on behalf of the European Union (comparable to the CNIL* for France).
An investigation targeting the very popular social network TikTok was opened in September 2021, for offenses committed between July 31 and December 31, 2020. The application, which has 150 million users in the United States, 134 million in the EU and 1.6 billion in the world, is questioned in its management of the registration of children. This was done in the same way as for an adult and accounts opened by minors were systematically accessible to the public.
Age verification and parental controls criticized
The sentence fell after a two-year procedure. On Friday, the DPC announcement in a press release having imposed a fine of 345 million euros on ByteDance and its application. TikTok is fined for three main infractions, starting with its management of data related to minors. “TikTok has failed to provide sufficient transparency information to minors”y lit-on.
Another fault of the Chinese application: the implementation of a type of user interfaces called “Dark Patterns“, designed to manipulate users into “encouraging people to choose more privacy-intrusive options during the registration process and when posting videos.”
The second offense is related to parental controls, which allows a child’s account to be linked to that of their parents. TikTok did not verify, says the DPC, whether the associated user was really one of its parents or guardian. The age verification for which the social network has been repeatedly challenged, including in France, is still not effective enough. The platform is theoretically reserved for users aged 13 and over, but younger children can still create an account.
To add to this heavy fine, TikTok Technology Limited is being slapped on the wrist and officially reprimanded. She is also ordered by the Irish Data Protection Commission to comply with the law within three months.
TikTok deplores the amount of the fine
The app reacted to the news. The subsidiary of ByteDance is “respectfully disagree with the decision, in particular the level of the fine imposed”, a spokesperson told AFP. The social network has not provided any details regarding its intentions to appeal or not.
TikTok, here “will assess next steps”has difficulty digesting such a penalty because, it is argued, “Criticism of the DPC focuses on features and settings that were in place three years ago, and which we changed shortly afterward” the period investigated. The company points out as an example that the accounts of people under 16 were private by default.
The verdict comes a few days after TikTok’s announcement of the opening of data centers in Europe, in Ireland precisely, in order to reassure the authorities about the hosting of European users’ data. “Our first data center in Dublin, Ireland is now operational and the migration of European user data to this center has already started, while our other two centers in Norway and Ireland are under construction”it was clarified.
This data will be audited “independently” by the British company NCC Group, which is also able to “monitor data flows” and of “report any incident”. The aim is to prevent ByteDance employees located in China from accessing “protected data” and sensitive of Europeans as many EU Member States fear.
TikTok has already been penalized for managing the data of its underage users. The United Kingdom fined him £12.7 million (around €14.5 million) in April 2023 for violating children’s privacy.
The presence of minors on this application has always been problematic in the eyes of certain authorities. The latest is that of Kyrgyzstan, which announced its intention to ban TikTok for “protect your children” against one “negative impact on their education and health”.
This is one of the many motivations which have pushed States to take more or less drastic measures against the Chinese social network. Some countries have banned their citizens from using TikTok to “attack on good morals” or by a “desire to control information” while others, mainly Western, have banned its use by elected officials, civil servants and the military.
*National Commission for Information Technology and Liberties
#European #Union #fines #TikTok #million #euros #management #underage #user #data