TikTok Allegedly Violates EU Privacy Rules and Faces Huge Fines

On July 11st, Italy’s data protection authority said it had formally warned TikTok, a video-sharing app owned by its Chinese Communist Party (CCP) controlled parent company ByteDance, that it violated existing European Union rules protecting user privacy.

TikTok notified users in recent weeks that it would serve them targeted advertising from July 13th, without asking consent to use the data stored on their devices, the Italian watchdog said.

In changing its privacy policy, TikTok claimed that it was acting in the legitimate interests of the company and its partners, according to the Italian regulator. In response to this argument, the regulator said such an approach would not comply with EU privacy rules.

“While our evaluation of the Italian Data Protection Agency’s recent notice is still ongoing, we cannot comment further,” a TikTok spokesperson said in a statement.

The watchdog said it would reserve the right to impose unspecified restrictions if TikTok does not withdraw its announced policy changes. In particular, inappropriate ads may be targeted at minors given the problems that TikTok might accurately track the age of its users.

Since TikTok and other top Internet companies have their regional headquarters in Ireland, making Irish agency the main regulator in the EU. In light of this, the Italian regulator also notified the Ireland’s Data Protection Commission over TikTok’s policy alleged breaches of EU data rules.

ByteDance operates in the EU may face fines of up to 4% of global revenue for privacy breaches.