TikTok, the popular social media platform owned by ByteDance, is reportedly facing a massive fine of over €500 million ($553 million) for allegedly transferring private user data from European Union countries to China. This penalty follows a four-year investigation into the company’s data handling practices, with a decision expected by the end of April.
The GDPR Violation
The investigation, conducted by Ireland’s Data Protection Commission (DPC), uncovered evidence that ByteDance violated the EU’s General Data Protection Regulation (GDPR) by allowing engineers in China to access European users’ private information. Although TikTok initially claimed that data was transferred to the U.S. and not China, it was revealed that Chinese-based engineers could still access the data for maintenance and AI purposes.
Helen Dixon, the former Irish Data Protection Commissioner, emphasized in March 2021 that there were serious concerns about the potential access of data by engineers based in China. This raised alarms about the safety and privacy of European users, especially considering China’s reputation for advanced surveillance technologies.
Ireland’s Role in Enforcement
As TikTok’s European headquarters are located in Dublin, Ireland is responsible for overseeing the enforcement of GDPR regulations within the EU. Under the GDPR framework, the country of a company’s European operations must handle compliance and penalties. While the final decision on the fine has not been made yet, Bloomberg reports that the penalty could be imposed soon.
Ongoing Troubles for ByteDance
This fine is not the only challenge facing ByteDance this week. The company is also grappling with the future of its U.S. operations, with an impending April 5 deadline to find a buyer or risk facing a ban in the United States. Possible outcomes range from a buyout to restructuring its U.S. business into an independent global entity.
For more details, check the full article on Engadget.