Ireland’s Data Protection Commission has imposed a €530 million fine on TikTok for violating GDPR regulations by transferring European user data to China. The decision comes after an investigation that highlighted the platform’s lack of transparency and failure to ensure adequate privacy protections for EEA users. Additionally, TikTok must suspend data transfers to China and comply with regulatory requirements within six months. Affected: TikTok
Keypoints :
- The Data Protection Commission (DPC) fined TikTok €530 million for data protection violations.
- The investigation revealed TikTok’s illegal transfers of EEA user data to China, violating GDPR regulations.
- TikTok must suspend data transfers to China and bring its processing practices into compliance within six months.
- The decision resulted from a probe initiated in September 2021, focusing on data transfers to third countries.
- DPC Deputy Commissioner Graham Doyle noted TikTok’s failure to guarantee adequate privacy protections for EEA users.
- The DPC criticized TikTok for providing misleading information regarding data storage on Chinese servers.
- TikTok has claimed that the data previously stored on Chinese servers has now been deleted.
- This is TikTok’s second fine from the DPC, following a €345 million penalty in September 2023 for handling children’s data.
- TikTok’s head of public policy contended that the ruling did not account for its Project Clover data security initiative.
Read More: https://thehackernews.com/2025/05/tiktok-slammed-with-530-million-gdpr.html