Color us not surprised...
TikTok has been fined €530 million by Ireland’s Data Protection Commission (DPC) for illegally transferring Europeans’ personal data to China and failing to be transparent with users, according to the Free Beacon and Politico.
In its first ruling on data transfers to China, the DPC said TikTok failed to properly assess how Chinese surveillance laws could impact the safety of European user data and couldn’t ensure adequate protection once the data was transferred.
This is the third-largest fine ever imposed under the EU’s General Data Protection Regulation (GDPR). As TikTok’s EU headquarters are in Ireland, the Irish DPC serves as its lead regulator.
During the inquiry, TikTok admitted that Chinese surveillance laws—giving authorities broad powers to demand data access—“materially diverge from EU standards.” Despite previously claiming it did not store European or U.S. user data in China, TikTok informed the DPC in April that it had discovered in February that “limited EEA User Data” had, in fact, been stored there.
