Ireland probes TikTok’s handling of kids’ data and transfers to China
Ireland’s Data Protection Commission (DPC) has yet another Big Tech GDPR probe to add to its pile: The regulator said yesterday it has opened two investigations into video sharing platform TikTok.
The first covers how TikTok handles children’s data, and whether it complies with Europe’s General Data Protection Regulation.
The DPC also said it will examine TikTok’s transfers of personal data to China, where its parent entity is based — looking to see if the company meets requirements set out in the regulation covering personal data transfers to third countries.
TikTok was contacted for comment on the DPC’s investigation.
A spokesperson told us:
The privacy and safety of the TikTok community, particularly our youngest members, is a top priority. We’ve implemented extensive policies and controls to safeguard user data and rely on approved methods for data being transferred from Europe, such as standard contractual clauses. We intend to fully cooperate with the DPC.
The Irish regulator’s announcement of two “own volition” enquiries follows pressure from other EU data protection authorities and consumers protection groups which have raised concerns about how TikTok handles’ user data generally and children’s information specifically.
In Italy this January, TikTok was ordered to recheck the age of every user in the country after the data protection watchdog instigated an emergency procedure, using GDPR powers, following child safety concerns.
TikTok went on to comply with the order — removing more than half a million accounts where it could not verify the users were not children.
This year European consumer protection groups have also raised a number of child safety and privacy concerns about the platform. And, in May, EU lawmakers said they would review the company’s terms of service.
On children’s data, the GDPR sets limits on how kids’ information can be processed, putting an age cap on the ability of children to consent to their data being used. The age limit varies per EU member state but there’s a hard cap for kids’ ability to consent at 13 years old (some EU countries set the age limit at 16).
In response to the announcement of the DPC’s enquiry, TikTok pointed to its use of age-gating technology and other strategies it said it uses to detect and remove underage users from its platform.
It also flagged a number of recent changes it’s made around children’s accounts and data — such as flipping the default settings to make their accounts private by default and limiting their exposure to certain features th
Be the first to write a comment.
