According to the EU’s top privacy watchdog, TikTok has been fined 345 million euros ($370 million) for violating the region’s laws on the handling of children’s personal data.

According to a statement from Ireland’s Data Protection Commissioner (DPC), the Chinese-owned short-video platform violated a number of EU privacy laws between July 31, 2020, and December 31, 2020. The platform is popular among teens worldwide and is owned by China.

Due to the placement of their regional headquarters in Ireland, ByteDance-owned TikTok is the first company to have received a reprimand from the DPC, the primary EU regulator for many of the top tech companies.

A representative for TikTok stated that the company disagreed with the verdict, especially the severity of the fine, and that the majority of the criticisms are no longer valid due to the remedies it implemented before the DPC’s investigation got underway in September 2021.

By default, accounts for users under the age of 16 were set to “public” in 2020, according to the DPC, and TikTok failed to confirm that a user was indeed a minor user’s parent or guardian when linked through the “family pairing” option.Family pairing now has stricter parental controls thanks to TikTok, which also altered the default option for all logged-in users under the age of 16 to “private” in January 2021.

A private account will be pre-selected for new 16–17-year-old users when they register for the app starting later this month, according to a statement released by TikTok on Friday. The company also said it aims to update its privacy documents to further clarify the differences between public and private accounts.

When violations were discovered, the DPC granted TikTok three months to bring all of its processing into compliance.

It is currently looking into whether TikTok’s transfer of user data to China conforms with EU data rules when sending that data to nations outside the EU. The DPC stated in March that it was composing a rough draught judgement about that probe.

General Data Protection Regulation (GDPR), which was implemented by the EU in 2018, allows the lead regulator for any specific company to levy fines up to 4% of the company’s global revenue.

The DPC has imposed significant fines on other tech behemoths, including a combined 2.5 billion euros on Meta.

By the end of 2022, it had 22 investigations of international corporations with an Irish basis open.

(Adapted from moneyControl.com)