Besides a potential buyout of its US division, TikTok has been levied a €530 Million fine for sharing the data of EU customers to China without proper safeguards.
Ireland’s Data Protection Commission (DPC) on Friday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users’ data to China.
“TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements,” the DPC said in a statement. “The decision includes administrative fines totaling €530 million and an order requiring TikTok to bring its processing into compliance within 6 months.”
The order, in addition, requires the company to suspend data transfers to China within the time period.
The penalty is the result of an investigation that was launched in September 2021 that probed the company’s transfer of personal data to China and its compliance with stringent data protection laws regarding data transfers to third countries.
Commenting on the decision, DPC Deputy Commissioner Graham Doyle said TikTok’s personal data transfers to China went against Article 46(1) of the General Data Protection Regulation (GDPR) because it failed to verify and guarantee that the personal data of EEA users was given equivalent privacy protections to that afforded within the bloc.