TikTok Faces 345 Million Euro Fine for Mishandling Children’s Data in Europe

On September 1, 2023, The Data Protection Commission of Ireland reached a final decision following its investigation into TikTok Technology Limited.

The investigation’s objective was to assess TikTok’s compliance with GDPR requirements regarding the processing of personal data from child users, specifically focusing on public default settings and age verification at sign-up, covering the period from July 31, 2020, to December 31, 2020.

▫️The final decision concluded that TikTok had failed in its responsibilities by not adequately considering the risks posed to users under the age of 13. This failure was evident in the decision to set default account settings to public, enabling anyone to access content from underage users. However, it’s important to note that this violation pertains to Article 24, which governs the responsibilities of data controllers, rather than a direct violation of GDPR language concerning data protection by design.

The DPC has given TikTok a three-month grace period to rectify non-compliant practices identified during the investigation.

🖇The General Data Protection Regulation (GDPR) is a comprehensive data protection framework that directly applies to 27 European Union countries and three European Economic Area countries. It’s essential to remember that even companies based outside the EU and EEA, without a physical presence in these regions, can fall under GDPR jurisdiction if they offer their goods or services to EU residents or monitor the behavior of EU individuals.

It’s worth emphasizing that GDPR compliance is crucial for maintaining a reputable and successful business operation.

Mayon Company boasts a team of experienced specialists ready to assist in developing your business projects to ensure GDPR compliance.