UK could fine TikTok $29m over data collection practices
Britain’s privacy regulator, the Information Commissioner’s Office, can fine TikTok Inc. 27 million pounds or $28.9 million for its data collection practices.
The ICO announced the development today. It also released a document known as the Notice of Intent to TikTok and its UK subsidiary, TikTok Information Technologies UK Ltd. The notice of intent often precedes a fine, but it is not yet certain that the ICO will decide to issue the potential $29 million. sadness.
The ICO’s decision to raise the prospect of a fine follows an investigation into how TikTok handles children’s data. The regulator has determined that between May 2018 and July 2020, TikTok may have processed the data of children under 13 in breach of UK data protection law.
As part of its investigation, the ICO has reached the tentative conclusion that TikTok may have processed children’s data without proper parental consent. ICO officials also believe that TikTok may have processed special category data, a legal term that encompasses several types of sensitive user data, without a “legal basis to do so.”
The third preliminary finding of the ICO investigation relates to how TikTok discloses its information collection practices to users. According to the ICO, the company “has failed to provide appropriate information to its users in a concise, transparent, and easily understandable manner.”
“We all want children to be able to learn and experience the digital world, but with appropriate data privacy protections,” said Information Commissioner John Edwards. “Companies providing digital services have a legal obligation to put these protections in place, but our preliminary view is that TikTok has failed to meet this requirement.”
The conclusions of the ICO are not final. TikTok can provide feedback on the investigation within 30 days and, based on the company’s feedback, ICO officials will determine whether or not to issue the potential $29 million fine. . The regulator may also decide to reduce the amount of the fine.
“While we respect the ICO’s role in protecting privacy in the UK, we do not agree with the preliminary views expressed and intend to respond formally to the ICO in due course. “, a TikTok spokesperson told CNBC in a statement.
Companies that breach UK data protection laws can be fined up to 17.5 million pounds, the equivalent of $18.7 million, or 4% of their revenue. worldwide annual business, whichever is greater. The ICO can also order companies to change business practices that do not meet data protection requirements.