TikTok illegally transferred user data to servers in China and Ireland's Data Protection Commission levied a €530 million (~$600 million) fine on it Thursday. Among the most significant breaches of the EU's General Data Protection Regulation (GDPR) yet to hit the "find out" stage for big tech companies, the fine came with an order that the company take "corrective measures" to guarantee future compliance.
Here's DPC Deputy Commissioner Graham Doyle, in a statement:
"The GDPR requires that the high level of protection provided within the European Union continues where personal data is transferred to other countries. TikTok's personal data transfers to China infringed the GDPR because TikTok failed to verify, guarantee and demonstrate that the personal data of EEA users, remotely accessed by staff in China, was afforded a level of protection essentially equivalent to that guaranteed within the EU. As a result of TikTok's failure to undertake the necessary assessments, TikTok did not address potential access by Chinese authorities to EEA personal data under Chinese anti-terrorism, counter-espionage and other laws identified by TikTok as materially diverging from EU standards."
Previously:
• Supreme Court upholds Tik Tok ban
• Support for banning Tik Tok evaporated in the summer heat
• Ukulele YouTube videos ripped off on TikTok
