The Irish Data Protection Commission (DPC) has fined TikTok €345 million ($368 million) for violating the privacy of children between the ages of 13 and 17 while processing their data.
One of the most concerning revelations was that TikTok’s profile settings for child user accounts defaulted to public visibility, making all posted content visible to anyone, within and outside the platform.
TikTok’s ‘Family Pairing’ feature, which was also under scrutiny, was also found to be faulty as it allowed non-child users who could not verify their status as parents or guardians to link their accounts with those of minors aged 16 and above.
This raised serious concerns about potential risks to child users, as the non-child user gained the ability to enable Direct Messages.
TikTok also failed to provide adequate transparency information to its young users, thus hindering their ability to fully comprehend the platform’s data processing practices.