TikTok May Have Illegally Used Kids’ Data For Two Years, May Face A $29 Million Fine

A British government inquiry revealed TikTok may have violated UK data protection regulations. The social media platform may have failed to protect children's privacy. The Chinese media giant could be subject to a fine of £27 million.

The UK's Information Commissioner's Office (ICO) said TikTok and its Information Technologies UK subsidiary violated British laws between May 2018 and July 2020. A possible regulatory fine is also mentioned in a notice of intent ICO sent to TikTok on Monday.

TikTok could face $29 million fine from UK over kids’ data privacy violations https://t.co/aizmqzhUb2 pic.twitter.com/Dr9BagW4ba

— The Hill (@thehill) September 27, 2022

However, if the ICO does fine TikTok, the $29 million fine would probably be seen by the internet giant. The company brings in billions of dollars annually, merely as administrative expense.

The watchdog's inquiry suggests that TikTok may have processed children under 13's data without their parents' permission. They may have used "special category" data without a valid legal basis. This data may include genetic and biometric data and political viewpoints. Religious convictions, orientation, and ethnic and racial origin may also be included.

NEW: As part of our work to protect children’s privacy, we’ve been looking into where practice isn’t up to our expectations. Our investigation found that TikTok may have breached UK data protection law and could face a fine of £27 million.

More: https://t.co/iqcIbTmKw4 pic.twitter.com/NfLilmzbTn

— ICO - Information Commissioner's Office (@ICOnews) September 26, 2022

The regulator added that TikTok failed to give users information in a clear, transparent, and understandable way.

What Is UK 'Children's Code'? And How Does It Impact TikTok?

The UK "Children's Code" is also known as the age-appropriate design code. It aims to create a safer internet for children by enforcing 15 standards that apps. Online services are required to follow them as well.

It targets explicitly the Big Tech names including Meta, YouTube, and TikTok. This is not great for these platforms. Especially when companies like Meta and Google are busy mastering the technique of quiet layoffs.

The  "UK Children's Code" is also applied to any companies, including those outside the UK, that process personal data of kids in the United Kingdom.

In Brussels today, I discussed the growing, global concerns with #TikTok and its surreptitious data flows back into China with some of my E.U. counterparts. pic.twitter.com/2BsuJENjF4

— Brendan Carr (@BrendanCarrFCC) September 26, 2022

It's worth noting that California's new child privacy law was modelled after the UK's version.

The ICO's notice of intent was published at the same time that American FCC Commissioner Brendan Carr described TikTok as a "national security concern" in front of EU legislators at a technology summit in Brussels.

He has voiced his scepticism over the Chinese software and stated that it may not be just another platform for the distribution of amusing videos or memes. Carr claims that TikTok serves as a sophisticated surveillance tool that collects vast amounts of private and sensitive data. He conveyed these assertions to European lawmakers in Belgium in a one-page memo.