You have 0 free articles left this month.
Register for a free account to access unlimited free content.
Powered by MOMENTUM MEDIA
lawyers weekly logo

Powered by MOMENTUMMEDIA

Breaking news and updates daily. Subscribe to our Newsletter
Advertisement

TikTok faces €530m fine from EU for data privacy violations

TikTok has been slapped with a €530 million fine by the European Union for breaches regarding how it deals with user data.

TikTok faces €530m fine from EU for data privacy violations
expand image

The Irish Data Protection Commissioner (DPC) said TikTok did not show evidence that the EU’s high standard of data protection had been applied to its European user’s data. This allowed Chinese authorities to access EU data.

TikTok is owned by ByteDance, a Chinese company, meaning its data is susceptible to access by Chinese government agencies and law enforcement.

TikTok said it plans to appeal the ruling, claiming it used the EU legal framework and standard contractual clauses to limit remote access.

“This ruling risks setting a precedent with far-reaching consequences for companies and entire industries across Europe that operate on a global scale,” said TikTok.

It also argued that the EU did not take into account the data security amendments it made in 2023 that ensure EU user data is stored in the EU and the US and that monitor remote access independently.

However, the EU revealed last month that it had discovered a small amount of data was stored in China. That data has since been deleted.

“The DPC is taking these recent developments very seriously. We are considering what further regulatory action may be warranted,” said DPC deputy commissioner Graham Doyle.

This is the second fine TikTok has been issued by the DPC after it was fined €345 million in 2023 for breaching EU legislation regarding the data management and processing of child data.

The fine followed probes launched in 2021. The first was to establish TikTok’s level of compliance with the EU’s General Data Protection Regulation, or GDPR, specifically its data protection by design mandate, and how the app handles users below the age of 18 and their data.

The second inquiry related to the transfer of data between TikTok and China and how that related to the GDPR’s requirements for data transfer to third-party countries.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
You need to be a member to post comments. Become a member for free today!

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.