The Irish Data Protection Commission (DPC) fined TikTok's parent company, ByteDance, €530 million for breaching EU privacy regulations. The DPC's investigation revealed that TikTok transmitted European user data to China without ensuring its protection from government surveillance. Additionally, the platform failed to be transparent with users about these transfers. Following updates to its privacy policies, TikTok claimed to comply with transparency requirements by 2022, but the penalties reflect serious compliance failures. The DPC will also monitor TikTok and consult with EU authorities regarding future actions due to the seriousness of these violations.
"The DPC is taking these recent developments regarding the storage of EEA User Data on servers in China very seriously," DPC deputy commissioner Graham Doyle said in a statement. "Whilst TikTok has informed the DPC that the data has now been deleted, we are considering what further regulatory action may be warranted, in consultation with our peer EU Data Protection Authorities."
"TikTok's personal data transfers to China infringed the GDPR because TikTok failed to verify, guarantee and demonstrate that the personal data of EEA users, remotely stored in China, was adequately protected against government surveillance."
Collection
[
|
...
]