Ireland’s Data Protection Commission has opened two investigations into TikTok, focusing on the platform’s handling of children’s personal data, and the transfer of information to China, where TikTok’s parent company is based.
The inquiries were announced by the Data Protection Commission (DPC) on Tuesday, with the first to investigate whether TikTok complies with the European General Data Protection Regulation (GDPR) and separate Irish law regarding “platform settings for users under age 18 and age verification measures for persons under 13.”
The second inquiry will examine “transfers by Tiktok of personal data to China.” No further information was given by the DPC.
TikTok, owned by Chinese tech firm ByteDance, has headquarters in several European countries, but its team in Dublin is responsible for overseeing the privacy of all 100 million European users.
Most major tech firms, including Google, Apple, Facebook, and Twitter, have their European headquarters in Ireland, owing largely to the country’s low corporate tax rate. As such, it has fallen on the DPC to ensure that these firms comply with Europe-wide data privacy laws. The DPC has been accused, however, of neglecting to do its job.
While the DPC issued a record €225 million ($266 million) fine to WhatsApp earlier this month, a report by the Irish Council for Civil Liberties, published on Monday, found that the DPC has not yet taken action in 98% of GDPR cases referred to Ireland.
“Three and a half years after the introduction of the GDPR, EU GDPR enforcement against Big Tech is paralysed by Ireland’s failure to deliver draft decisions on major cross-border cases,” the report read.
The report highlighted underfunding and the relatively high volume of cases the DPC handles compared to regulators in other EU states as reasons for the “bottleneck.”
Think your friends would be interested? Share this story!