TikTok Slapped with $368 Million Fine under Europe’s Data Privacy Rules

Social media platform TikTok is facing a $368 million fine after failing to protect children’s privacy, breaching Europe’s strict data privacy rules.

Ireland’s Data Protection Commission – the primary regulatory authority overseeing European data privacy matters – announced its fine directed at TikTok for breaches dating back to 2020.

TikTok Hit With $368M Fine Under Europe's Strict Data Privacy Rules https://t.co/towy1xFUEX

— The Hollywood Reporter (@THR) September 15, 2023

The investigation uncovered critical issues with TikTok’s sign-up process for teenage users. This process inadvertently led to default settings that made their accounts public, enabling unrestricted access to view and comment their videos. These default settings posed a significant risk to children under the age of 13, who gained unauthorized access to the platform.

In addition to this, the “family pairing” feature, intended for parental control, was found to have some loose restrictions. It allowed adults to enable direct messaging for users aged 16 and 17 without their consent. Additionally, it pushed teenage users into selecting more invasive privacy options during the sign-up and video posting processes, as noted by the regulatory authority.

“Social media companies have a responsibility to avoid presenting choices to users, especially children, in an unfair manner — particularly if that presentation can nudge people into making decisions that violate their privacy interests,” said Anu Talus, Chair of the European Data Protection Board.