British regulators have hit TikTok with a $15.9 million fine for misusing children’s data as well as violating protections of user data.
The video-sharing platform's data collection practices and ties to the Chinese government have sparked concern within the international community – prompting increased scrutiny and restrictions.
The United Kingdom’s Information Commissioner’s Office fined TikTok and its parent company, Beijing-based ByteDance, following an investigation into data breaches between May 2018 and July 2020. According to the agency, approximately 1.4 million British children under the age of 13 were allowed to use the app despite TikTok’s own age restrictions. The agency contends the platform did not identify and remove children ages 13 and under from the platform and did not get parental consent to process the minors’ data in violation of national law.
"There are laws in place to make sure our children are as safe in the digital world as they are in the physical world. TikTok did not abide by those laws," Commissioner John Edwards of the ICO said in a press release on April 4.
Edwards said TikTok could have used the minors’ data “to track them and profile them, potentially delivering harmful, inappropriate content at their very next scroll.”
“TikTok should have known better. TikTok should have done better. Our £12.7m fine reflects the serious impact their failures may have had,” Edwards added. “They did not do enough to check who was using their platform or take sufficient action to remove the underage children that were using their platform.”
TikTok denounced the ICO decision and the fine.
"We invest heavily to help keep under 13s off the platform and our 40,000-strong safety team works around the clock to help keep the platform safe for our community," TikTok said in a statement, per WLOS. "We will continue to review the decision and are considering next steps."
As a result of its findings, the ICO established the Children’s Code, a statutory code of practice designed to protect children. The rules regulate online services that children are likely to access, including apps, websites, and gaming services. The ICO notes that “data sits at the heart of the digital services children use every day” and the information collected from minor users “inform techniques used to persuade young people to spend more time using services, to shape the content they are encouraged to engage with, and to tailor the advertisements they see.”
“For all the benefits the digital economy can offer children, we are not currently creating a safe space for them to learn, explore and play,” wrote then-Infomraiton Commissioner Elizabeth Denham. “This statutory code of practice looks to change that, not by seeking to protect children from the digital world, but by protecting them within it.”
Concerns about TikTok’s data collection practices for all users, regardless of age, and potential breaches of national security, have prompted the United States, Canada, Britain and New Zealand to restrict the use of the TikTok on government-owned or issued devices. Along with Australia, the four countries make up the intelligence-sharing partnership known as “Five Eyes,” per Euro News.
Additionally, restrictions on TikTok have swept through Europe. Estonia, France, The Netherlands, Norway, Belgium and Denmark all cited cyber security concerns.
The European Parliament, European Commission, and the EU Council currency all prohibit the use of TikTok on staff devices.