TikTok, the well-known short-video website, was handed a historic €345 million fine by regulatory authorities for putting the personal information of kids in danger. The punishment was imposed following a thorough examination of TikTok’s data processing procedures, which exposed grave violations of young users’ privacy.
The European Data Privacy Board (EDPB), the body responsible for overseeing data privacy in the European Union, imposed the penalties. The examination by the EDPB concentrated on how TikTok handled the personal data of users under the age of 18, a group that makes up a sizeable chunk of the platform’s user base.
Insufficient Age Verification: According to the EDPB, TikTok did not put in place proper age verification mechanisms, allowing users under the age of 13 to register for accounts. The General Data Protection Regulation (GDPR), which mandates a minimum age of 13 for the collection of personal data, is directly violated by this.
TikTok was also found guilty of collecting and processing the personal information of kids without getting sufficient parental authorization. This includes the gathering of browsing history, device details, and location data that were applied to targeted advertising.
Lack of Effective Privacy Settings for Minors: The analysis showed that TikTok lacked proper privacy controls, making it challenging for young users to comprehend and manage their privacy choices. They were exposed to the dangers of data breaches and misuse as a result.
Failure to Report Breaches: TikTok continued to violate GDPR rules by failing to report data breaches promptly.
In addition to acknowledging the penalties, TikTok has released a statement reiterating its dedication to the privacy and security of its users, especially children. The business claimed that it has already taken action to address the EDPB’s concerns and is actively striving to enhance its data protection procedures.
The representative for TikTok stated, “We take our obligation to protect the privacy of our users, especially minors, extremely seriously. “We are committed to upholding the highest standards of data security and privacy,” the company stated in response to the EDPB’s recommendations.
The importance of protecting the privacy of young users is strongly conveyed to social media sites and tech businesses by these sizeable penalties. It also highlights the increased scrutiny that tech industry leaders face in the EU over data privacy and protection.
The GDPR penalty of €345 million is one of the biggest ever levied, reflecting a rigorous enforcement strategy by European authorities. It serves as a reminder that businesses handling user data must have strong safeguards to protect the privacy of minors or face serious repercussions.
The proceeds from the fine will go toward advancing data protection and online safety measures for minors in the European Union.