UK Data Watchdog Fines TikTok £12.7 Million for Misuse of Children’s Data

The UK Information Commissioner’s Office (ICO) has fined social media giant TikTok £12.7 million (€14.5 million) for multiple breaches of UK data protection law. The company was accused of misusing children’s data, including allowing an estimated 1.4 million children under the age of 13 in the UK onto its platform in 2020, despite its own rules prohibiting children of that age from creating an account.

Under UK data protection law, organizations that use the personal data of children under 13 must have parental consent. However, TikTok failed to use children’s personal data lawfully and did not adequately check to identify and remove underage children from its platform.

As a result, an estimated one million under-13s were inappropriately granted access to the platform, and their personal data may have been used to track and profile them, potentially delivering harmful, inappropriate content at their next scroll.

The ICO’s investigation found that a concern was raised internally at TikTok with some senior employees about children under 13 using the platform and not being removed. However, in the ICO’s view, TikTok did not respond adequately.

John Edwards, the UK Information Commissioner, said: “There are laws in place to make sure our children are as safe in the digital world as they are in the physical world. TikTok did not abide by those laws… They did not do enough to check who was using their platform or take sufficient action to remove the underage children that were using their platform.”

TikTok said it disagreed with the watchdog’s decision and stated that it invests heavily in keeping under-13s off the platform. It also said it would continue to review the decision and consider the next steps.

The fine comes amid ongoing scrutiny of the app, owned by Chinese company Bytedance, over data security and privacy concerns. Several countries’ governments have banned employees from downloading the app on official phones and devices due to security fears.

The fine partly relates to general transparency failures, according to Nigel Jones, the co-founder of Privacy Compliance Hub, who added: “We all need to understand exactly what TikTok is doing with our personal data so we can decide for ourselves whether we should delete the app too.”

TikTok’s privacy concerns have been a point of focus in recent months, with the company facing increasing pressure to address these issues. The fine from the ICO is the latest in a series of measures taken by regulators to ensure that social media platforms are using personal data lawfully and fairly.

In addition to the breach of UK data protection law, TikTok has been fined for failing to provide information to its users about how their data is collected, used, and shared in a clear and easily understandable way. The company has also been accused of failing to ensure that UK users’ personal data is processed lawfully and fairly.

The ICO’s decision to fine TikTok sends a strong message to other social media platforms that they must take their responsibility to protect children’s data seriously. It also highlights the importance of transparency in the use of personal data and the need for clear and understandable policies.

As the use of social media continues to grow, it is essential that platforms take a proactive approach to data protection and privacy. Users must have confidence that their personal data is being used in a lawful and ethical manner, and that appropriate safeguards are in place to protect them from harm.

The ICO’s decision to fine TikTok is a step in the right direction, but there is still much work to be done to ensure that social media platforms are meeting their obligations to protect users’ data and privacy. With increasing public concern over these issues, it is likely that we will see further action from regulators in the months and years ahead.