This week, China’s ByteDance, the owner of short-video service TikTok, was fined €530 million ($600 million) in the European Union for failing to comply with the region’s user data protection rules, after allegedly passing European user data to China.
Image source: Solen Feyissa / unsplash.com
The Irish Data Protection Commission ruled that TikTok failed to prove that its employees in China did not have access to the data of its EU users. As a reminder, the legislation in force in the region requires storing user data in the region. In addition to a large administrative fine, TikTok was ordered to bring its data processing into compliance with EU law within six months.
In response, TikTok representatives expressed their readiness to challenge the regulator’s decision. The company is confident that the current decision does not fully take into account the data security measures that were introduced in 2023 and which provide independent control over remote access and storage of EU user data in special data centers in Europe and the United States. The company specifically noted that it has never received requests from Chinese authorities to access the data of any EU users.
TikTok currently has a user base of around 175 million in Europe. It is also worth noting that this is not the first major fine for the Chinese company in the region. In 2023, TikTok was fined €345 million for violating rules regarding the processing of children’s personal data in the EU.