TikTok Fined £12.7m For Breaching Child Protection Law

TikTok has received a £12.7m fine from the British data protection regulator, the Information Commissioner's Office (ICO) for failing to protect the privacy of over 1m children. This is because it “failed to use children’s personal data lawfully” and “did not do enough” to prevent underage children using its platform the ICO said. 

The video-sharing site used the data of children aged under 13 without parental consent, according to an ICO investigation. The fine is one of the largest the ICO has ever issued.

The Chinese-owned video app had not done enough to check who was using the platform and remove underage children, the Information Commissioner’s Office (ICO) said on 4th April. It estimated TikTok allowed up to 1.4 million UK children of this age to use the platform in 2020. TikTok said it had "invested heavily" to stop under 13s accessing the site. 

UK data protection law does not have a strict ban on children using the Internet but requires organisations that use the personal data of children to obtain consent from their parents or carers.

Despite TikTok's rules requiring children under 13 to have parental consent to use the platform, the ICO said many were able to set up accounts without this. It said that children's data may have been used to track and profile them, and potentially present them with harmful or inappropriate content.

The Information Commissioner John Edwards said in a Statement: "There are laws in place to make sure our children are as safe in the digital world as they are in the physical world. TikTok did not abide by those laws. As a consequence, an estimated one million under-13s were inappropriately granted access to the platform, with TikTok collecting and using their personal data... TikTok should have known better. TikTok should have done better. Our £12.7m fine reflects the serious impact their failures may have had."  

TikTok is allowed to appeal against the scale of the fine and has 28 days to make representations. If successful, the ICO could reduce the final amount. The regulator has a maximum of 16 weeks, from issuing the notice of a proposed fine to delivering its final verdict.

“Since the conclusion of the ICO’s investigation of TikTok, the regulator has published the Children’s code to help protect children in the digital world. It is a statutory code of practice aimed at online services, such as apps, gaming platforms and web and social media sites, that are likely to be accessed by children,” says the ICO.

In 2019, TikTok was fined $5.7m by the US Federal Trade Commission for similar practices. That fine, a record at the time, was also levied against TikTok for improper data collection from children under 13.

The company subsequently committed to improving its practices and said it would begin keeping younger users in “age-appropriate TikTok environments”, where those under 13 would be pushed into a more passive role, able to watch videos, but not post or comment on the platform.

ICO:      BBC:     Guardian:     Independent:     Mirror:      ITV:    Yahoo:  

You Might Also Read: 

British School Childrens' Confidential Data Dumped:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« AI Revolution: The Future Is Here, Now
President Biden Forbids Spyware From Government Use »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Covenco

Covenco

Covenco is a data management and IT infrastructure specialist. Working with customers to transform their IT environments, with data protection and security at the forefront of everything we do.

Homeland Security Advanced Research Projects Agency (HSARPA)

Homeland Security Advanced Research Projects Agency (HSARPA)

HSARPA's Cyber Security Division (CSD) was set up to address DHS cyber operational and critical infrastructure protection requirements.

US Cyber Command (USCYBERCOM)

US Cyber Command (USCYBERCOM)

USCYBERCOM conducts activities to ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

ECOS Technology

ECOS Technology

ECOS Technology specializes in the development and sale of IT solutions for high-security remote access as well as the management of certificates and smart cards.

Thomsen Trampedach

Thomsen Trampedach

Thomsen Trampedach offers a tailored-made brand protection solution to each customer using a proprietary enforcement automation and reporting tool and a multilingual enforcement team.

AppOmni

AppOmni

AppOmni is the only SaaS CSPM solution that gives teams all the tools they need to be successful – from security posture management to monitoring and detection to continuous compliance.

Red Sky Alliance

Red Sky Alliance

Red Sky Alliance (Wapack Labs Corp) is a cyber threat intelligence firm that delivers proprietary intelligence data, analysis and in-depth strategic reporting.

Stefanini Group

Stefanini Group

Stefanini is a global IT services company providing a broad range of solutions for digital transformation including automation, cloud, IoT and cybersecurity.

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions is a leader in the design, manufacture, testing, and support of hardware and software solutions for the embedded computing market.

Nitel

Nitel

Nitel is a leading next-generation technology services provider. We simplify the complex technology challenges of today’s enterprises to create seamless and integrated managed network solutions.

People Driven Technology

People Driven Technology

People Driven Technology is a customer-obsessed organization. We leverage our decades of business, technology, and engineering experience to deliver outcomes for our clients.

Paperclip

Paperclip

Paperclip provides paperless solutions while enabling compliance and security for the exchange of critical content.

SecurEnvoy

SecurEnvoy

SecurEnvoy are a leader in designing zero access trust solutions using the latest cutting-edge technologies, to protect your users, devices and data, whatever the location.

NSW IT Support

NSW IT Support

NSW IT Support: Your exclusive hub for comprehensive Business IT services in Sydney. Our skilled team ensures seamless technology solutions nationwide, consistently delivering top-tier IT support.

DRTConfidence

DRTConfidence

DRTConfidence is the proven solution for today’s organizations needing to meet rigorous compliance standards across the enterprise.

Axelerated Solutions

Axelerated Solutions

Axelerated Solutions offer a comprehensive range of technology services tailored to meet our clients' diverse needs. Our focus is on delivering innovative and secure solutions.