European regulators slap TikTok with $368 million fine for breaching strict data privacy rules

livemint.com:

European regulators slapped TikTok with a $368 million fine on Friday for failing to protect children's privacy, the first time that the popular short video-sharing app has been punished for breaching Europe's strict data privacy rules. Ireland's Data Protection Commission, the lead privacy regulator for Big Tech companies whose European headquarters are largely in Dublin, said it was fining TikTok 345 million euros and reprimanding the platform for the violations dating to the second half of 2020.

The investigation found that the sign-up process for teen users resulted in settings that made their accounts public by default, allowing anyone to view and comment on their videos. Those default settings also posed a risk to children under 13 who gained access to the platform even though they're not allowed.

Also, a “family pairing" feature designed for parents to manage settings wasn't strict enough, allowing adults to turn on direct messaging for users aged 16 and 17 without their consent. And it nudged teen users into more “privacy intrusive" options when signing up and posting videos, the watchdog said.

TikTok said in a statement that it disagrees with the decision, “particularly the level of the fine imposed." The company pointed out that the regulator's criticisms focused on features and settings dating back three years. TikTok said it had made changes well before the investigation began in September 2021, including making all accounts for teens under 16 private by default and disabling direct messaging for 13- to 15-year-olds.