TikTok Gets Slapped with a Massive €345 Million Fine for Mishandling Kids’ Data in Europe

TikTok, the famous short video app, just got hit with a colossal fine of €345 million (around $368 million) by the folks at the Irish Data Protection Commission (DPC). What’s the deal? Well, it turns out TikTok didn’t play nice with kids’ data, and that’s a big no-no according to Europe’s data protection rules, the GDPR. This whole mess started back in September 2021 when the DPC launched an investigation. They wanted to know how TikTok was handling the personal info of young users, specifically those aged 13 to 17, during a specific period — from July 31 to December 31, 2020.

So, what did they find? Some pretty shady stuff:

1. Public by Default: TikTok was letting kids’ videos go public without asking. This meant anyone and everyone could see what these young users were posting, which was not great for their safety.
2. Keeping Secrets: TikTok apparently wasn’t very transparent with these young users about what they were doing with their info.
3. Tricky Tactics: They were accused of using sneaky tricks, called “dark patterns,” to get users to choose privacy-invading options when signing up and posting videos.
4. Family Flaw: There was a major security hole in the Family Sharing feature. It allowed non-child users (basically, folks who weren’t verified as parents or guardians) to link their accounts to minors’. That meant adults could access direct messages from kids above 16 years old. Yikes!.

Apart from the jaw-dropping fine, the DPC is giving TikTok a three-month deadline to get its act together and follow the GDPR rules. Anu Talus, who chairs the European Data Protection Board (EDPB), said social media companies, especially when dealing with kids, should be fair in presenting choices. Privacy options should be crystal clear and not full of sneaky language or tricks. TikTok, on the other hand, didn’t take this lying down. They fired back, saying most of the criticism was about things they did three years ago. They’ve changed their ways, they claim, by making all accounts for users under 16 private by default. But it’s still not clear if they’ll fight this fine in court.

On top of that, TikTok is rolling out a new registration process for 16 and 17-year-olds. Now, these accounts will start off as private. TikTok is no small fry; it has about 134 million monthly users in the European Union. This massive fine comes right after TikTok got dinged €5 million (roughly $5.4 million) by French data protectors in early 2023 for playing fast and loose with cookie consent and making it way too tricky for users to opt out.