TikTok has been fined €530 million (approximately $600 million) by the European Union for violating data privacy laws by transferring user data to China.
The fine was issued by Ireland’s Data Protection Commission (DPC), which oversees TikTok’s operations in Europe.
The DPC found that TikTok allowed employees in China to access European users’ personal data without adequate safeguards, breaching the EU’s General Data Protection Regulation (GDPR).
Additionally, TikTok failed to inform users about these data transfers, leading to a lack of transparency.
Approximately $550 million of the fine pertains to the unlawful data transfers, while the remaining $50 million addresses transparency violations.
TikTok acknowledged that some European user data was stored in China but stated that this data has since been deleted.
The company plans to appeal the decision, asserting that it has implemented measures to enhance data security, including its “Project Clover” initiative aimed at localizing data storage within Europe.
The DPC has given TikTok six months to comply with EU data protection standards. Failure to do so could result in the suspension of data transfers to China.