TikTok is facing investigation by the Ireland Data Protection Commission over fears of data transfer to China.
The DPC says it will investigate whether TikTok is compliant with EU-wide data regulation for minors, including age verification for under 13 year-olds. A second inquiry will focus on whether TikTok is transferring personal data back to China.
TikTok was viewed as a potential national security risk by the Trump administration. In June, President Biden reversed plans to prevent the app from being downloaded in the United States. Biden says a separate national security review of TikTok is underway.
But TikTok and other Chinese apps deny the allegation that they are national security concerns. That’s even after the app was caught accessing users’ smartphone clipboards without their permission – behavior which TikTok apologized for and removed. TikTok is estimated to have more than 100 million users in the US and another 100 million in the EU.
A spokesperson for TikTok told Sky News that data privacy is of the utmost importance for the social network. “We’ve implemented extensive policies and controls to safeguard user data and rely on approved methods for data being transferred from Europe, such as standard contractual clauses. We intend to fully cooperate with the DPC,” the statement reads.
TikTok is facing increased scrutiny from countries in the European Union as the Ireland investigation gets underway.
In January, TikTok was ordered by Italy to recheck the age of every user in the country. TikTok complied with the order, removing more than 500,000 accounts where it could not verify the ages of the owners. European consumer protection groups have been raising child safety concerns over TikTok for several months.
The GDPR sets limits on how companies like TikTok can process kids’ information. TikTok uses age-gating technology and other strategies to stay in compliance with those laws. It also made changes to minor accounts recently, including turning on privacy settings by default and limiting their exposure to features like direct messages.
The Irish regulator handed down a $267 million fine to WhatsApp for breaching GDPR transparency rules.
It also fined Twitter $550k over a data breach in 2018 – the first year GDPR rules took effect. TikTok may face scrutiny over child safety laws elsewhere in Europe, too. The UK is looking to expand its child data safety laws, which could penalize platforms that don’t follows its Age Appropriate Design Code.