The European Union’s privacy regulators imposed a hefty fine of 530 million euros ($600 million) on TikTok following a comprehensive four-year investigation into the video-sharing platform’s data handling practices, as per media reports.
The investigation revealed that TikTok had violated the EU’s strict data privacy regulations by transferring the personal data of European users to China, a breach of the General Data Protection Regulation (GDPR).
The fine was levied by Ireland’s Data Protection Commission, which also found that TikTok gad failed to adequately disclose to users the details of where their personal data was being sent.
The Irish watchdog, which acts as the lead data privacy regulator for TikTok within the EU due to the company’s European headquarters being located in Dublin, ordered the platform to comply with the GDPR rules within the next six months.
In response to the fine, TikTok expressed its disagreement with the decision and confirmed its intention to appeal. The company’s European head of public policy and government relations, Christine Grahn, defended the platform’s actions, stating that the investigation only focused on a “select period” that ended in May 2023. She emphasized that the company had since initiated a data localization project, known as Project Clover, which involves constructing three new data centers in Europe to ensure stricter data protection measures.
Grahn further highlighted that Project Clover incorporates stringent data protections, including independent oversight by NCC Group, a prominent European cybersecurity firm.