TikTok fined for failing to protect privacy of UK children

Video sharing app TikTok has been fined by the UK’s data watchdog for failing to protect children’s privacy. 

The £12.7m fine comes after an investigation by the Information Commissioner’s Office which found that the hugely popular app has breached data protection law between May 2018 and July 2020. 

John Edwards, the UK’s Information Commissioner, said: ‘There are laws in place to make sure our children are as safe in the digital world as they are in the physical world. TikTok did not abide by those laws. 

‘As a consequence, an estimated one million under 13s were inappropriately granted access to the platform, with TikTok collecting and using their personal data. That means that their data may have been used to track them and profile them, potentially delivering harmful, inappropriate content at their very next scroll.’

Contraventions outlined by the ICO related to the UK GDPR rules and included providing services to children under the age of 13 and collecting their data without parental consent, failing to properly inform users about how their data was collected and used, and failing to ensure that the personal data of UK users was processed ‘lawfully, fairly and in a transparent manner.’ 

The news of the fine, which had already been previewed by a notice of intent in September, will not be welcome news for TikTok, which has been under increased scrutinisation in the UK and US over concerns about the company’s use of data and its relation to China. 

However, the ICO’s fine is not related to any concerns about China’s access to data held by TikTok. 

Subsequently UK government devices were banned from downloading the app due to a purported fear that it could provide access to data on the devices by China, as TikTok’s parent company ByteDance is based in Beijing and has previously worked with the Chinese Communist Party. 

Similar governmental device bans have been instituted in Canada, Denmark, Belgium, New Zealand and the US whilst many Asian countries have banned the app completely, including India, Pakistan, Afghanistan and Armenia. 

Additionally, many countries have opened data protection investigations into the company for various reasons including the type of content held on the platform, use of private information and the collection of data. 

A US congressional hearing recently conducted with the CEO of the company was held amidst rumours of a federal ban for TikTok, though the congresspeople conducting the hearing were criticised by many for an apparent lack of understanding of the app’s functions and wider technology. 

TikTok is not the only large tech company to face fines over data breaches in recent months, with Facebook and Instagram’s parent company Meta receiving a £230m fine for breaching EU data protection laws late last year.

Photo by Solen Feyissa