TikTok was fined 530 million euros ($600 million) on Friday for violating a European Union data privacy law after regulators found the company had improperly transferred users’ personal data to China.
The Irish Data Protection Commission, which announced the penalty, said TikTok failed to adequately protect data of its users in Europe, including some that was available to staff in China, in violation of the European Union’s data privacy law, the General Data Protection Regulation.
The fine is one of the largest imposed under the law and adds to the challenges faced by TikTok’s Chinese owner, ByteDance, amid a U.S. effort to force the platform’s sale to a non-Chinese company or be banned in the United States. Irish authorities said TikTok would be ordered to suspend data transfers to China within six months if it did not meet certain requirements.
European regulators said TikTok’s weak safeguards put at risk information about users across the 27-nation bloc. Irish authorities said the Chinese government, under its antiterrorism and anti-espionage laws, could have gained access to those users’ data.
TikTok, which has about 175 million users across Europe, said in a statement that it complies with European Union laws. The company has “never received a request for European user data from the Chinese authorities, and has never provided European user data to them,” TikTok said.
TikTok said it planned to appeal the decision, a move that could set up a yearslong court battle between it and the Irish government, which is TikTok’s main regulator in Europe. TikTok’s European headquarters are in Ireland, and its government is charged with enforcing the General Data Protection Regulation.
TikTok said the Irish Data Protection Commission did not account for a 2023 initiative to spend 12 billion euros to fence in data of users inside the European Union. The project included construction of a data center in Finland.
“This ruling risks setting a precedent with far-reaching consequences for companies and entire industries across Europe that operate on a global scale,” TikTok said in a statement.
On Friday, Irish regulators said that last month, TikTok said it had discovered a “limited” amount of user data had been stored on servers inside China after it had repeatedly denied doing so.
European users were not “afforded a level of protection essentially equivalent to that guaranteed within the E.U.,” Graham Doyle, deputy commissioner of the Irish Data Protection Commission, said in a statement.
Adam Satariano is a technology correspondent for The Times, based in London.
The post TikTok Fined $600 Million for Sending European User Data to China appeared first on New York Times.
