Loading

Blog details

TikTok fined by Dutch DPA

TikTok fined by Dutch DPA

TikTok fined by Dutch DPA for failure to provide translated information to users

The video sharing social networking app TikTok was recently fined by the Dutch DPA, according to this report from the EDPB. Upon investigation into apps typically used by minors, it was discovered that the information provided when installing the app (including the privacy policy) was only provided in English. By failing to provide this information in Dutch, TikTok violated the rights of Dutch speaking users, by their failure to give users clear, comprehensible information on what happens with their personal data. This in and of itself is a violation of their privacy rights. TikTok has been hit with a fine for €750,000, to which the company has objected. 

TikTok, fined by the Dutch DPA, and now being investigated by the Irish DPA after establishing headquarters in Ireland. 

While this initial fine was imposed by the Dutch DPA, and rightfully so, because at the time TikTok had no headquarters in the EU, the company has since established headquarters in Ireland. The initial fine could have been imposed by any EU member state, however, any subsequent investigations must be handled by the Irish Data Protection Commission. The Dutch Data Protection Authority can only be expected to assess the privacy statement related violation, which had ended by the time headquarters had been established in Ireland. When companies have no European headquarters, any EU member states can oversee its activities, however if there are European headquarters, this responsibility would fall on the country which houses the company‘s headquarters.

TikTok has made changes to their app to make it safer for child users. 

Since last October, when the Dutch DPA submitted the results of its investigations to TikTok, certain key changes have been made to protect users under 16 while they use this app. While these changes are not entirely foolproof because children can still pretend to be older by creating their account with false information, the DPA welcomes the adjustments made by TikTok to reduce the risk for child users. Partents are now able to manage their children’s accounts through their own accounts, or through the ‘Family Pairing’ feature. This will not prevent children from putting themselves at risk by lying about their age, however it will give parents the power to monitor their children’s accounts and provide greater security to them. 

Does your company have all of the mandated safeguards in place to ensure compliance with the GDPR, Law Enforcement Directive and Data Protection Act 2018? Aphaia provides both GDPR and Data Protection Act 2018 consultancy services, including data protection impact assessments, and Data Protection Officer outsourcing. We can help your company get on track towards full compliance. Contact us today.

Prev post
Case between Schrems and Facebook intensifies as further questions are raised
July 27, 2021
Next post
Fine imposed by CNIL for failing to comply with retention periods and transparency duties under GDPR
August 3, 2021

Leave a Comment