TikTok has become the center of another major security scandal in the European Union. The Irish Data Protection Commission has fined the company €530 million for illegally transferring the personal data of European users to China and violating its transparency policy. This figure is one of the three largest fines imposed by the regulator.
Why was TikTok punished?
The Irish regulator examined TikTok’s activities between 2020 and 2022. According to the results of the investigation:
The company transferred the personal data of European users to China, but did not inform users about this;
It was found that due to Chinese legislation, control and security over this data were not ensured;
€485 million was set for unauthorized data transfers,
and €45 million for lack of transparency.
TikTok’s response
TikTok strongly disagreed with the Commission’s decision and announced that it would appeal the decision in full. Although the company, in its statement, emphasized that user privacy is a priority, the regulator did not find this sufficient.
Global context: tech giants and data sovereignty
The fine reflects Europe’s increasingly demanding stance towards technology companies. Earlier:
Meta was fined 1.2 billion euros,
Amazon was fined 746 million euros.
Apple and Meta are also likely to be fined as part of antitrust investigations.
Note for Pivot
The TikTok case reaffirms the EU’s strategic approach to data sovereignty, user data security and technological independence. Digital service providers will now have to consider not only technological, but also political and legal obligations. TikTok’s appeal process could become a key test for European technology regulation.
