TikTok is facing a massive fine in Europe. The social media giant could be slapped with a penalty of over 500 million euros. This is due to the illegal transfer of European user data to China.
According to Bloomberg, the fine is expected to be issued by the Irish Data Protection Commission (DPC) before the end of April.
This decision comes after a thorough investigation started in 2021 by the DPC. The DPC acts as TikTok’s main regulator in the European Union. The investigation found that ByteDance, TikTok’s parent company, breached the General Data Protection Regulation (GDPR).
The company transferred European user information to China, where it was accessible to the company’s engineers. If confirmed, the fine would be one of the highest imposed by the Irish regulator. It could be the third-highest fine after Meta and Amazon were fined 1.2 billion and 746 million euros, respectively.
The exact amount and the final decision date might still change. In addition to the fine, the DPC will also order TikTok to suspend the processing of data in China that was sent there illegally.
The GDPR allows European state agencies to take control of decisions regarding foreign companies operating in their territories. Companies can also appeal any sentence, so ByteDance might appeal to the Irish courts.
This is not the first time TikTok has been fined. In September 2023, the company received a 345 million euro fine for mishandling minors’ personal data.
Consequences for TikTok
The fine and the suspension of data processing in China could have significant consequences for TikTok. The company might need to rethink its data handling practices to comply with the GDPR.
This could involve setting up new data centers in Europe or using other measures to ensure that European user data is not transferred to China illegally.
The fine and the suspension could also damage TikTok’s reputation and user trust. The company has been under scrutiny for its data handling practices, and this decision might lead to a loss of users and revenue.
Implications for Other Companies
The decision also has implications for other companies operating in Europe. It shows that the DPC is serious about enforcing the GDPR and that companies can face significant fines for non-compliance.
Other companies might need to review their data handling practices to ensure they comply with the GDPR. This could involve investing in new data protection measures or changing their business practices.
The decision is a reminder that data protection is a critical issue in Europe, and companies must take it seriously to avoid significant fines and reputational damage.
- The fine is expected to be over 500 million euros.
- The DPC started the investigation in 2021.
- ByteDance breached the GDPR by transferring European user data to China.
- TikTok might appeal the decision to the Irish courts.
- The company received a 345 million euro fine in September 2023 for mishandling minors’ personal data.