0 4 min 1 yr

TikTok has been fined €345m (£296m) by European regulators for failing to protect children’s privacy and putting them at risk of “online exploitation or grooming”.

The Irish Data Protection Commission, the data watchdog responsible for TikTok under the bloc’s rules, found the social media network had left children’s accounts exposed to the public by default, rather than implementing stricter privacy settings for younger users.

When signing up, all TikTok users, including those under the age of 16, were able to skip an option that would have made their account more secure. Instead, by default, their account would be broadcast “to a global audience of millions”.

The fine is TikTok’s largest ever financial penalty and its first under European data rules.

In its ruling, the regulator accused TikTok of using so-called dark patterns to nudge users towards lowering their privacy settings when using the app.

The regulator said TikTok’s settings left children’s videos exposed online to “bad actors” and “dangerous individuals”. The fine related to TikTok’s policies between July 2020 and December 2020.

Helen Dixon, Ireland’s data protection commissioner, also investigated TikTok’s “family pairing” feature, introduced in April 2020, which allowed an adult user to pair with the account of a child. To do so, they had to scan a QR code on the child’s phone.

While intended to be used by parents or guardians, the data regulator found TikTok did not verify the user was a relative.

Once they were paired with another TikTok user, that user could then remotely enable direct messaging on the child’s account, provided their account said they were over the age of 16.

A TikTok spokesman said: “We respectfully disagree with the decision, particularly the level of the fine imposed.”

TikTok, which is owned by the Chinese company Bytedance, said changes had been made to the app to improve childrens’ privacy prior to the investigation. All accounts used by under 16s have been set to private by default since January 2021.

The video sharing app has been under pressure over its use of user data and been accused by US officials of posing a security risk, something TikTok denies.

The app is also facing an ongoing investigation by Ireland’s privacy watchdog that it allowed European data to be transferred to China in violation of the bloc’s data regulations.

Europe has further tightened up its rules on Big Tech giants, announcing its new Digital Services Act which adds further responsibilities to the world’s largest technology companies, including TikTok.

The European fine follows a £12.7m fine levied by Britain’s Information Commissioner’s Office. The regulator said between May 2018 and July 2020 TikTok had offered its services to children under the age of 13 without parental consent. TikTok said it disagreed with the decision.

Elaine Fox, TikTok’s head of privacy for Europe, said: “We will not hesitate to make significant changes to product features and processes to ensure TikTok meets the high standard of European safety and privacy regulation.”

The data watchdog also found TikTok had not done enough to properly assess the risk of users under the age of 13 gaining access to its app and having their data exposed.

Leave a Reply

Your email address will not be published. Required fields are marked *