TikTok fined £12.7m by ICO for misusing children's data
The news comes as security concerns about the popular video-sharing app grow worldwide
TikTok seems as though it can't stay out of trouble, lately. This time, the popular video-sharing app has been fined £12.7m by the UK watchdog for misusing children's data together with other breaches of the UK GDPR.
The Information Commissioner's Office (ICO) said on Tuesday that "an estimated 1 million under-13s were inappropriately granted access to the platform" as of 2020. Meaning the Chinese-owned app may have illegally collected and used their personal data.
TikTok now risks paying £12.7m in fines to the UK government if failing to prove that any wrongdoings actually occurred.
The news comes as security concerns about TikTok's data practices and links to the Chinese government grow worldwide—with the UK being one of the last countries banning the app from government devices and the US considering a total TikTok ban.
Users will need to connect to a VPN service to keep accessing the app in case a total block would be finally implemented.
"TikTok should have done better"
In an official statement announcing the decision, UK Information Commissioner John Edwards said: "TikTok should have known better. TikTok should have done better. Our £12.7m fine reflects the serious impact their failures may have had.
"They did not do enough to check who was using their platform or take sufficient action to remove the underage children that were using their platform."
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The ICO found that, between May 2018 and July 2020, TikTok had been providing their service to users under the age of 13 "without consent or authorization from their parents or carers" going against UK laws.
That isn't everything, though.
"Although the headline in the ICO's press release is that TikTok has been fined for misusing children's personal data, it's interesting to note, particularly with the current spate of government bans on the app on work devices, that the £12.7m fine partly relates to general transparency failures," data lawyer and co-founder of The Privacy Compliance Hub Nigel Jones told TechRadar.
In fact, the Commission also found the social media company responsible for not providing the right information to users on how their data was collected, used, and shared in a way that everyone could understand the consequences.
The social media giant is also said to fail to process UK citizens' personal details in a lawful, fair, and transparent manner.
"We all need to understand exactly what TikTok is doing with our personal data so we can decide for ourselves whether we should delete the app," said Jones.
A TikTok spokesperson ensures the company is investing "heavily to help keep under-13s off the platform," the Guardian reported.
"While we disagree with the ICO's decision, which relates to May 2018 to July 2020, we are pleased that the fine announced today has been reduced to under half the amount proposed last year. We will continue to review the decision and are considering next steps."
The original ICO notice of intent issued in September last year was, in fact, setting the fine at £27 million.
While emphasizing the fact to have changed its practices since the period the ICO investigated - as its CEO recently pledged in front of a congressional hearing in the US - TikTok has now 28 days to make an appeal.
Chiara is a multimedia journalist committed to covering stories to help promote the rights and denounce the abuses of the digital side of life—wherever cybersecurity, markets and politics tangle up. She mainly writes news, interviews and analysis on data privacy, online censorship, digital rights, cybercrime, and security software, with a special focus on VPNs, for TechRadar Pro, TechRadar and Tom’s Guide. Got a story, tip-off or something tech-interesting to say? Reach out to chiara.castro@futurenet.com