TikTok faces €530m fine from EU for data privacy violations

TikTok has been slapped with a €530 million fine by the European Union for breaches regarding how it deals with user data.

The Irish Data Protection Commissioner (DPC) said TikTok did not show evidence that the EU’s high standard of data protection had been applied to its European user’s data. This allowed Chinese authorities to access EU data.

TikTok is owned by ByteDance, a Chinese company, meaning its data is susceptible to access by Chinese government agencies and law enforcement.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

TikTok said it plans to appeal the ruling, claiming it used the EU legal framework and standard contractual clauses to limit remote access.

“This ruling risks setting a precedent with far-reaching consequences for companies and entire industries across Europe that operate on a global scale,” said TikTok.

It also argued that the EU did not take into account the data security amendments it made in 2023 that ensure EU user data is stored in the EU and the US and that monitor remote access independently.

However, the EU revealed last month that it had discovered a small amount of data was stored in China. That data has since been deleted.

VIEW ALL

“The DPC is taking these recent developments very seriously. We are considering what further regulatory action may be warranted,” said DPC deputy commissioner Graham Doyle.

This is the second fine TikTok has been issued by the DPC after it was fined €345 million in 2023 for breaching EU legislation regarding the data management and processing of child data.

The fine followed probes launched in 2021. The first was to establish TikTok’s level of compliance with the EU’s General Data Protection Regulation, or GDPR, specifically its data protection by design mandate, and how the app handles users below the age of 18 and their data.

The second inquiry related to the transfer of data between TikTok and China and how that related to the GDPR’s requirements for data transfer to third-party countries.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

TikTok faces €530m fine from EU for data privacy violations

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED