TikTok has often found itself in hot water - sometimes with consumers and sometimes with governments. It seems that nearly every major government in the world has taken an interest in the Chinese-owned company and its practices. Some are interested in the way the algorithm surfaces content, while others are interested in how they store data. The latter is what has led the EU, through Ireland's Data Protection Commission, to fine TikTok $368 million over the handling of children's privacy and data handling.
How TikTok treated kids
The EU cites several data practices in its fine of TikTok. In particular, they took issue with the way TikTok treated the data and privacy of children using its platform. The most notable issue was the default settings for new accounts of children. When creating a new account whose age was under 18, certain rules are supposed to be followed, yet TikTok didn't seem to be too concerned with those rules.
For example, when a new kid's account was created, the default setting was for all posts and communications to be public. This meant that anyone on the service had the ability to watch and comment on a video from a minor. Obviously, this created a major privacy issue, as people with a variety of nefarious intentions had the ability to communicate with these children. Of course, those settings could be changed, but that shouldn't be required for children to know and understand.
Another claim involves the "family pairing" feature. This feature allows parents to be able to manage the settings of their kids' apps. One of the settings that was able to be changed was enabling direct communication. This meant that parents could turn on the ability for outsiders to comment on videos and message their kids without the kid's permission.
TikTok, of course, has taken issue with the finding and the fine. They claim that the file comes well after these issues have been resolved. New children's accounts now default to private, as do their posts. Users under 16 don't have the ability to use direct messaging at all anymore. In fact, they claim these issues were resolved in 2021 before the EU's investigation even began.
Previous run-ins with the law
This is not the first time TikTok has been fined over child privacy concerns. The UK fined the company $15.7 million over the privacy of children and their data in April 2023. In 2019, the US Federal Trade Commission also fined the company $5.7 million for violations of the country's Children's Online Privacy Protection Act (COPPA).
The FTC fines also came after the actual issues were publicly resolved. In fact, the COPPA violations weren't technically the fault of TikTok, but of Musical.ly, the platform's direct predecessor. But because it was the same company - ByteDance - the violations were still valid for prosecution or fines. In particular, the issues were also around the public nature of new accounts and the inability to make private your username and real name, even if your account was made private.