TikTok’s parent company, ByteDance, is expected to face a fine of more than €500 million for illegally sending European user data to China. The Irish Data Protection Commission (DPC) is preparing to issue the fine after an investigation found that the company violated the European Union’s strict data privacy rules, known as the General Data Protection Regulation (GDPR).
Why is TikTok Being Fined?
A long-running investigation by the Irish DPC revealed that TikTok sent European users’ personal data to China. The data was reportedly accessed by engineers based in China, which is a serious violation of the GDPR. Under these rules, companies must ensure that personal data is handled securely and cannot be transferred to countries that do not have strong privacy protections.
This fine could be one of the largest ever imposed by the Irish DPC. Previously, the regulator fined Amazon €746 million in 2021 and Meta (Facebook’s parent company) €1.2 billion in 2023 for similar privacy breaches.
Gaurav Mehta, Co-founder of Concur-Consent Manager, commented on the importance of international data flows, stating: “The law might be the law, but governments always catch up. Businesses that act ethically in the absence of regulations protect themselves from future surprises. Data privacy is not just about compliance—it is about trust and long-term sustainability.”
What Happens Next?
As part of its decision, the Irish DPC is also expected to order TikTok to stop processing European user data in China within a given period. The company will have the option to challenge the fine in Irish courts, but if it does not comply, it could face further penalties. This is not the first time TikTok has been penalized in Europe. In September 2023, the company was fined €345 million for failing to protect children’s personal data.
The investigation into TikTok’s data transfers started in 2021 when former Irish DPC chairwoman Helen Dixon raised concerns. She warned that engineers in China could access European user data for maintenance and artificial intelligence development.
TikTok’s Struggles in the US
This fine comes at a challenging time for TikTok. The company is under pressure to sell its US operations by April 5. If it does not, the social media platform could be banned in the United States.
Several major buyers, including Amazon and the founder of OnlyFans, have reportedly expressed interest in acquiring TikTok’s US business. However, no final decision has been made.
What Does This Mean for TikTok Users?
For European TikTok users, this fine highlights concerns about how their data is handled. Privacy regulators in the EU are taking stronger actions against companies that misuse personal data. If TikTok does not improve its data protection policies, it could face further restrictions or even more fines in the future.
For now, TikTok has not issued an official response to the fine, and the Irish DPC has said it is not in a position to comment on the matter at this time.
