TikTok is facing the possibility of a £27m fine for failing to protect children’s privacy. An investigation by the Information Commissioner’s Office (ICO) found that the video-sharing app may have breached data protection law between May 2018 and July 2020.
The maximum fine the ICO can impose will be based on a calculation of 4% of TikTok’s annual global turnover. It is believed that TikTok may have processed the data of children under the age of 13 without parental consent and failed to provide appropriate information to its users in a “concise, transparent and easily understandable manner”.
“We all want children to be able to learn and experience the digital world, but with appropriate data privacy protections,” said information commissioner John Edwards.
“Companies that provide digital services have a legal duty to put those protections in place, but our provisional view is that TikTok did not meet that requirement.”
The ICO said it had not reached a conclusion on whether there had been a breach of data protection law, or whether a financial penalty would be imposed.
“We will carefully consider any representations from TikTok before making a final decision,” the ICO said.
Edwards, who began his five-year term as commissioner in January, said the ICO was also looking at more than 50 other online services to see if they complied with data laws relating to children. He said the ICO had several ongoing investigations.