TikTok has been fined €345 million by the Data Protection Commissioner.
It relates to the processing of the personal data of users aged between 13 and 17.
This is following an inquiry into the extent to which it complied with its GDPR obligations in relation to child users' data between 31st July 2020 and 31st December 2020.
It was in the context of age verification and certain platform settings, including public-by-default and family pairing settings.
In its decision, the DPC details how the family pairing function could see the accounts of users aged between 13 and 17 paired with an non-child user, without verifiying whether that user was actually the child's parent or guardian.
Also, the non-child user could enable direct messages to the accounts of users aged 16 and 17.
TikTok must now bring its processing into compliance within three months and pay the administrative fine totalling €345 million.
"Appropriate" Fine
In response, CyberSafeKids said it acknowledges the plaform "continues to make improvements," but the group felt the fine was "appropriate."
CEO Alex Cooney said,
"We believe this fine is appropriate and proportionate given the billions in profit that TikTok makes annually."
"They need to do much more to address the issue of underage users on their platform and to protect child users from harmful content."
The Chief Executive of CyberSafeKids said it's most recent data shows 37% of kids from 8-12 are using TikTok.
Alex concluded, "So the platform's failings represent a clear danger to a large number of Irish children."