Why TikTok got hit with a $600 million fine from EU privacy watchdogs

European Union privacy watchdogs fined TikTok 530 million euros ($600 million) on Friday after a four-year investigation found that the video-sharing app’s data transfers to China breached strict data privacy rules in the EU.

Ireland’s Data Protection Commission also sanctioned TikTok for not being transparent with users about where their personal data was being sent and it ordered the company to comply with the rules within six months.

The Irish national watchdog serves as TikTok’s lead data privacy regulator in the 27-nation EU because the company’s European headquarters is based in Dublin.

“TikTok failed to verify, guarantee and demonstrate that the personal data of (European) users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU,” Deputy Commissioner Graham Doyle said in a statement.

TikTok said it disagreed with the decision and plans to appeal.

The company said in a blog post that the decision focuses on a “select period” ending in May 2023, before it embarked on a data localization project called Project Clover that involved building three data centers in Europe.

“The facts are that Project Clover has some of the most stringent data protections anywhere in the industry, including unprecedented independent oversight by NCC Group, a leading European cybersecurity firm,” said Christine Grahn, TikTok’s European head of public policy and government relations. “The decision fails to fully consider these considerable data security measures.”

TikTok, whose parent company ByteDance is based in China, has been under scrutiny in Europe over how it handles personal information of its users amid concerns from Western officials that it poses a security risk over user data sent to China. In 2023, the Irish watchdog also fined the company hundreds of millions of euros in a separate child privacy investigation.

The Irish watchdog said its investigation found that TikTok failed to address “potential access by Chinese authorities” to European users’ personal data under Chinese laws on anti-terrorism, counter-espionage, cybersecurity and national intelligence that were identified as “materially diverging” from EU standards.

Grahn said TikTok has “has never received a request for European user data from the Chinese authorities, and has never provided European user data to them.”

Under the EU rules, known as the General Data Protection Regulation, European user data can only be transferred outside of the bloc if there are safeguards in place to ensure the same level of protection.

Grahn said TikTok strongly disagreed with the Irish regulator’s argument that it didn’t carry out “necessary assessments” for data transfers, saying it sought advice from law firms and experts. She said TikTok was being “singled out” even though it uses the “same legal mechanisms” that thousands of other companies in Europe does and its approach is “in line” with EU rules.

The investigation, which opened in September 2021, also found that TikTok’s privacy policy at the time did not name third countries, including China, where user data was transferred. The watchdog said the policy, which has since been updated, failed to explain that data processing involved “remote access to personal data stored in Singapore and the United States by personnel based in China.”

TikTok faces further scrutiny from the Irish regulator, which said that the company had provided inaccurate information to throughout the inquiry by saying that it didn’t store European user data on Chinese servers. It wasn’t until April that it informed the regulator that it discovered in February that some data had in fact been stored on Chinese servers.

Doyle said that the watchdog is taking the recent developments “very seriously” and “considering what further regulatory action may be warranted.”

—Kelvin Chan, AP Business Writer

https://www.fastcompany.com/91327574/why-tiktok-hit-600-million-fine-eu-privacy-watchdogs?partner=rss&utm_source=rss&utm_medium=feed&utm_campaign=rss+fastcompany&utm_content=rss

Erstellt 3mo | 02.05.2025, 14:30:03


Melden Sie sich an, um einen Kommentar hinzuzufügen

Andere Beiträge in dieser Gruppe

Russia restricts WhatsApp and Telegram calls

Russian authorities announced Wednesday they were “partially” restricting calls in messaging apps Telegram and WhatsApp, the latest step in an 

13.08.2025, 20:30:08 | Fast company - tech
Amazon expands same-day perishable grocery delivery

Amazon is rolling out a service where its Prime members can now order their blueberries and milk at the same time as basic items like batte

13.08.2025, 20:30:07 | Fast company - tech
Most people are using ChatGPT totally wrong—and OpenAI’s CEO just proved it

How did you react to the August 7 release of GPT-5, OpenAI’s latest version of ChatGPT? The company behind the model h

13.08.2025, 18:20:04 | Fast company - tech
This mine feeds the tech world and fuels a rebel war

Under the watchful eye of M23 rebels in the hills around the Congolese town of Rubaya, a line of men in rubber boots ferry sacks full of crushed rocks up winding paths cut into the slopes.

13.08.2025, 18:20:03 | Fast company - tech
This free web timer puts your computer’s Clock app to shame

For something as simple as setting a timer, the built-in apps on our computers can be awfully fiddly.

Usually you have to open a Clock app first, then navigate to a separate tab for time

13.08.2025, 11:20:08 | Fast company - tech
Is agentic AI more than hype? This company thinks it knows how to find out

Over the past five years, advances in AI models’ data processing and r

13.08.2025, 11:20:06 | Fast company - tech
How AI can finally fix prior authorization

If you’ve ever been a patient waiting—days, sometimes more than a week—for treatment approval, or a clinician stuck chasing it, you know what prior authorization feels like. Patients sit in limbo,

13.08.2025, 11:20:04 | Fast company - tech