TikTok could be hit with £27m fine for failing to protect children's privacy

Social media firm issued with a notice from the ICO for potential violations of UK data protection laws

The TikTok logo on an application store accessed from a smartphone
(Image credit: Shutterstock)
Bobby Hellard's avatar
By
published
in News

Social media firm TikTok could face a £27 million fine under UK data protection laws for failing to protect children's privacy on its platform.

TikTok reportedly suffers data breach What is the Information Commissioner’s Office (ICO)? TikTok refutes allegations of a massive security breach

The Information Commissioner's Office (ICO) has issued a notice of intent to TikTok and TikTok Information Technologies UK, following an investigation into the company's practices.

The notice - which is a legal document that precedes a potential fine - explains the ICO's provisional view that TikTok breached UK data protection law between May 2018 and July 2020.

It alleges that TikTok processed the data of children who were under the age of 13 without appropriate parental consent and that the company failed to provide proper information to its users in a concise, transparent and easily understandable way. The notice also accuses TikTok of processing special category data, such as personal information revealing ethnic origin or political opinions, without the legal grounds to do so.

"While we respect the ICO's role in safeguarding privacy in the UK, we disagree with the preliminary views expressed and intend to formally respond to the ICO in due course," a TikTok spokesperson said.

It is worth noting here that the Commissioner's findings are provisional and that no conclusions should be drawn at this stage. TikTok, in theory, could walk away without any penalty being imposed and a representative from the company will have the chance to argue its case to the ICO before a final decision is made.

"We all want children to be able to learn and experience the digital world, but with proper data privacy protections," information commissioner, John Edwards, said. "Companies providing digital services have a legal duty to put those protections in place, but our provisional view is that TikTok fell short of meeting that requirement."

RELATED RESOURCE

Cyber resiliency and end-user performance

Reduce risk and deliver greater business success with cyber-resilience capabilities

FREE DOWNLOAD

Edwards added that the regulator's work to better protect children online involves working with organisations, such as TikTok, but that it will also involve enforcement action "where necessary".

In addition to this, Edwards said the ICO was currently looking into how over 50 different online services are conforming with the Children's code. He also revealed that the watchdog has six ongoing investigations looking into companies providing digital services. What's more, in its initial view, Edwards added that these companies hadn't taken their responsibilities around child safety seriously enough. Which suggests more notices could be coming.

Bobby Hellard
Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.

Latest
You might also like
View More ▸