Irish privacy watchdog investigates TikTok’s handling of data
When it comes to the social media, privacy has always been a serious issue. Especially when it involves teenagers and minors. Recently, Tiktok, the famous video-sharing focused social networking service came under fire for mishandling of the children’s personal data. The Irish Guarantor – the Irish Data Protection Commission (DPC) – is carrying out two investigations into issues related to the security of data shared with the Tiktok app, particularly those of minors.
Tiktok is challenged with processing the data of its underage users and how it verifies that the user is not under the age of 13. It is not the first time that the Irish watchdog has investigated such issues. In October 2020, it announced Instagram’s scrutiny of handling children’s data, accused of exposing the information of millions of its users.
The Irish supervisory body also investigates whether the processing of children’s data is in line with European Union laws on transferring personal data to other countries, such as China. TikTok is owned by the Chinese company ByteDance and has repeatedly faced charges of sharing data with companies in the Dragon or even with the government. For this reason, the former president of the United States, Donald Trump, had tried to ban the application that was previously ousted from the Indian market.
TikTok’s response
The company has always denied these reconstructions and has also pledged to move its servers out of China. A data center is expected to open in Ireland next year. TikTok responded to the new investigations by claiming that “the privacy and security of the community, especially our younger members, are our top priority.”
This year, the app has become the most downloaded in the world and has already made a series of changes in recent months to try to protect itself from privacy problems. In January, it made all under-16 accounts private by default and deleted millions of user-profiles it believed were under the age of 13.
In the statement released in response to the opening of the investigation, TikTok promised to make the privacy policies easier to read “for users between 13 and 18 years old,” thanks to summaries. The app will also introduce a privacy video section dedicated to teenagers called Privacy Pills. This will make Tiktok privacy policies easy to understand for the masses.
If found guilty of non-compliant treatment, the company would risk a fine of up to 4% of its global revenue. The Irish Privacy Supervisor is the main regulator of the European Union for many of the world’s leading tech companies as they have their regional headquarters in Ireland and has however been criticized several times in recent months for the extent of its sanctions and for the slowness in the management of the cases it deals with.
Despite receiving funding of 19.1 million Euros to ensure compliance with the measures of the GDPR, the authority does not stand out for its productivity. As reported by the organization for protecting personal data, “Noyb,” out of 10 thousand complaints submitted, only 6 or 7 have received a formal decision in the last year, which makes less than 1%.
Last month, the Guarantor fined Facebook’s WhatsApp for a record 225 million euros for violating the GDPR. Initially, the fine imposed in March was much smaller, but the body was forced to review its decision by the Commission. However, the 225 million fine represents only “0.08% of the group’s turnover” and not 4%, as pointed out by Max Schrems, Austrian lawyer for digital rights and founder of Noyb. At the end of last year, the Guarantor had 27 international investigations underway, and 14 of these concerned Facebook and its companies.
