Irish privacy watchdog hits TikTok with 530 million euro fine in China data transfer investigation

LONDON AP European Union privacy watchdogs fined TikTok million euros million on Friday after a four-year examination revealed that the video sharing app s details transfers to China breached strict statistics privacy rules in the EU Ireland s Statistics Protection Commission also sanctioned TikTok for not being transparent with users about where their personal details was being sent and it ordered the company to comply with the rules within six months The Irish national watchdog serves as TikTok s lead content privacy regulator in the -nation EU because the company s European headquarters is based in Dublin TikTok failed to verify guarantee and demonstrate that the personal information of European users remotely accessed by staff in China was afforded a level of protection essentially equivalent to that guaranteed within the EU Deputy Commissioner Graham Doyle commented in a report TikTok reported it disagreed with the decision and plans to appeal The company disclosed in a blog post that the decision focuses on a select period ending in May before it embarked on a statistics localization project called Project Clover that involved building three statistics centers in Europe The facts are that Project Clover has particular of the the bulk stringent facts protections anywhere in the industry including unprecedented independent oversight by NCC Group a leading European cybersecurity firm declared Christine Grahn TikTok s European head of constituents procedures and administration relations The decision fails to fully consider these considerable material protection measures TikTok whose parent company ByteDance is based in China has been under scrutiny in Europe over how it handles personal information of its users amid concerns from Western leaders that it poses a safety vulnerability over user information sent to China In the Irish watchdog also fined the company hundreds of millions of euros in a separate child privacy inquiry The Irish watchdog explained its probe revealed that TikTok failed to address feasible access by Chinese officers to European users personal details under Chinese laws on anti-terrorism counter-espionage cybersecurity and national intelligence that were identified as materially diverging from EU standards Grahn commented TikTok has has never received a request for European user statistics from the Chinese leadership and has never provided European user content to them Under the EU rules known as the General Statistics Protection Regulation European user records can only be transferred outside of the bloc if there are safeguards in place to ensure the same level of protection Grahn disclosed TikTok strongly disagreed with the Irish regulator s argument that it didn t carry out necessary assessments for facts transfers saying it sought advice from law firms and experts She noted TikTok was being singled out even though it uses the same legal mechanisms that thousands of other companies in Europe does and its approach is in line with EU rules The review which opened in September also determined that TikTok s privacy agenda at the time did not name third countries including China where user input was transferred The watchdog revealed the protocol which has since been updated failed to explain that content processing involved remote access to personal records stored in Singapore and the United States by personnel based in China TikTok faces further scrutiny from the Irish regulator which announced that the company had provided inaccurate information to throughout the inquiry by saying that it didn t store European user statistics on Chinese servers It wasn t until April that it informed the regulator that it discovered in February that particular statistics had in fact been stored on Chinese servers Doyle stated that the watchdog is taking the newest developments very seriously and considering what further regulatory action may be warranted