The Irish privacy regulator, which is responsible for TikTok in the EU, will investigate how the company manages children’s data and whether it transfers data to China.
The Irish Data Protection Commission is the main regulator in the EU for a whole host of tech giants, including Facebook, Google and TikTok, because they have their European headquarters in the country. The committee is, therefore, quite busy and is now adding two more investigations. The first of these revolves around the processing of the personal data of minors.
TikTok is especially popular with teenagers and has previously been accused of collecting data from children, which is not allowed under European privacy regulations. However, in August, the social network already announced stricter privacy rules for teenagers, possibly in part in response to the many lawsuits around this.
A second investigation by the Irish regulator is about data transfers. TikTok is owned by Bytedance, a Chinese tech giant, and is said to send personal data to China. The question is to what extent this is in line with the GDPR. According to TikTok itself, everything runs smoothly here, partly because standard contracts are used to send data outside the EU.
If the Irish regulator decides that rules have been broken, the organization can impose fines of up to 4% of a company’s revenue. However, the privacy committee is increasingly criticized for the slowness with which it works and the soft hand with which it treats the tech companies in the country. Some 98 percent of the 164 major privacy complaints lodged with the regulator would go unaddressed, the Irish Council for Civil Liberties said in a report.