THE The European Union today fined TikTok 345 million euros for violation of rules for the protection of personal data of minors.

TikTok Technology Limited has been ordered to pay “administrative fines totaling €345 million” and bring its operations into compliance within three months, Ireland’s Data Protection Commission (DPC), which acts on behalf of the EU, has announced.

The DPC launched an investigation in September 2021 into this subsidiary of Chinese giant ByteDance – a social networking platform particularly popular with young people – which today has 150 million users in the US and 134 million in the European Union.

The surveys covered the period between 31 July and 31 December 2020.

The Irish authority underlined in its decision that the registration of minors on the platform is done in such a way that their accounts are set to be public by default.

Other issues related to the “family link” feature setting, which allows a parent’s TikTok account to be linked to their child’s. According to the ruling, the company does not verify whether the logged-in user was actually a parent or guardian.

Furthermore, while the platform is theoretically intended for users over the age of 13, the DPC considers that TikTok has not properly taken into account the risks to younger children who have managed to create an account on the platform.

TikTok “disagrees with the decision, particularly with the amount of the fine imposed,” a spokesperson for the company responded, clarifying that the company is “considering next steps,” without making a decision on whether to appeal against it.

“DPC’s criticisms focus on features and parameters that were in place three years ago that we have modified” soon after, the company argued, noting for example that all accounts of under-16s are now private by default.

The company claims to closely monitor the ages of its users and points out that it has deleted nearly 17 million accounts worldwide in the first three months of 2023 alone, on suspicion that those accounts belonged to people under the age of 13.

This is the first fine the Irish regulator has imposed on ByteDance. Last May the DPC fined Meta a record €1.2 billion for breaching European data protection regulations with social networking site Facebook.