TikTok could face a £27m fine in the UK for a potential breach of UK data protection law by failing to protect children’s privacy when they use the video-sharing platform TikTok.
The UK’s Information Commissioner’s Office said on Monday it had issued the social media company a legal document that preceded the potential fine, and said TikTok may have processed the data of children under 13 without parental consent and processed “special category data” without legal grounds to do so.
The commissioner added that “special groups data” includes ethnic origin, political opinions, religious beliefs, and sexual orientation.
It also said that TikTok may have failed to provide honest and easy-to-understand information to its users, as the legal document covered the period from May 2018 to July 2020.
Information Commissioner John Edwards noted that the authority’s interim view was that TikTok had failed to provide adequate data privacy protections, and the authority said its findings were not final and that it would consider any representations from TikTok before making a final decision.
“While we respect the role of the UK Information Commissioner’s Office in protecting privacy in the UK, we disagree with the initial views expressed, and intend to respond formally,” a statement from TikTok, which is owned by Chinese company ByteDance, said.
The British government is working to push the Internet Security Bill, which would require tech companies to protect children from harmful content.
The Information Commissioner’s Office said it has six other investigations underway with companies that do not appear to have taken their child safety responsibilities seriously enough.