TikTok's privacy mess just got way more expensive

0comments
A smartphone held in a hand showing the TikTok logo on the display.
TikTok's rocky ride with Western governments isn't slowing down. While all eyes are on its uncertain future in the US over national security concerns, the app is now facing new heat in the European Union. After years of being accused of potentially exposing personal data to China, the pressure is mounting once again.

The EU has just hit the platform with a big €530 million fine (around $600 million when directly converted) after a long-running investigation found that TikTok's data transfers to China violated strict EU privacy rules.

Ireland's Data Protection Commission (DPC), which oversees TikTok in the EU since its European HQ is in Dublin, said the app wasn't transparent enough about where user data was being sent and didn't do enough to protect it from access by Chinese staff. TikTok has six months to fix the issues.

– Deputy Commissioner Graham Doyle, May 2025

TikTok isn't backing down, though. The company said it plans to appeal, arguing that the ruling ignores its new €12 billion data protection initiative, Project Clover. That includes building three data centers in Europe and putting stronger controls in place since May 2023.

–Christine Grahn, Head of Public Policy & Government Relations - Europe, May 2025

TikTok also said it has never been asked by Chinese authorities to hand over European user data – and it never has.

– Christine Grahn, Head of Public Policy & Government Relations - Europe, May 2025

This is actually TikTok's second big fine from the DPC. In 2023, it got slapped with a €345 million penalty over how it handled kids' data. The DPC has also taken action against other tech giants under the EU's GDPR rules, which let regulators fine companies up to 4% of their global revenue.

Recommended Stories
For example, just last year, Ireland's Data Protection Commission went after Twitter International, the Irish arm of X, over concerns about how the platform handles personal data from millions of European users.

Meta also got hit with a hefty fine of around $250 million for a data breach, and LinkedIn wasn't spared either – facing a €310 million (about $334 million when directly converted) penalty after the DPC found it misused user data for targeted ads through behavioral analysis.
Did you enjoy this article?
Еxplore more with a FREE members account.
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Manage your newsletter choices
Register For Free
Loading Comments...

Recommended Stories

FCC OKs Cingular\'s purchase of AT&T Wireless