Ireland regulators probe TikTok, fines could follow

Robert Besser
17 Sep 2021

DUBLIN, Ireland: Ireland's Data Protection Commission (DPC) said it has opened two investigations into video sharing platform TikTok.

The first investigation is examining how TikTok handles children's data, and seeks to determine whether it complies with Europe's General Data Protection Regulation.

The DPC also said it will probe whether TikTok's transfers of personal data to China follows regulations covering personal data transfers to third countries.

"The privacy and safety of the TikTok community, particularly our youngest members, is a top priority. We've implemented extensive policies and controls to safeguard user data and rely on approved methods for data being transferred from Europe, such as standard contractual clauses. We intend to fully cooperate with the DPC," said a TikTok spokesperson, as quoted by techcrunch.com.

The Irish investigation follows pressure from EU data protection authorities and consumer protection groups who have raised concerns about how TikTok handles user data and children's information.

In Italy, TikTok has been ordered to recheck the age of every user in the country, due to concerns about data collected about children.

In response, TikTok removed more than half a million accounts in which they suspected the users were children.

TikTok has pointed out that its technology screens underage users from its platform.

The legality of transferring data out of the EU to third countries remains uncertain. EU rulings have made it clear that authorities in Ireland have a duty to step in and suspend transfers if they suspect people's data are flowing to a third country where it might be at risk.

It has been reported that besides TikTok, the Irish DPC has a large backlog of cross-border date transfer investigations into a number of tech giants.

Within the past weeks, the Irish fined a Facebook-owned company - announcing a $267M fine against WhatsApp for breaching GDPR transparency rules.

Last year, the DPC fined Twitter $550,000 over a data breach dating back to 2018.