TikTok under renewed EU scrutiny as Irish watchdog probes data transfer to China

TikTok's admission that it stored European user data on Chinese servers has sparked a new investigation by Ireland’s Data Protection Commission.


An Irish regulator helping police European Union data privacy said Thursday it had launched an investigation into TikTok over the transfer of European users’ personal data to servers in China.

TikTok was fined €530 million (R10 billion) in May by the Data Protection Commission over sending personal data to China, though the Chinese social media giant had insisted this data was only accessed remotely.

‘Deep concern’

The DPC on Thursday said it had been informed by TikTok in April that “limited EEA user data had in fact been stored on servers in China”, then deleted, contrary to evidence previously presented by the company.

The watchdog said it had expressed “deep concern” in its previous investigation that “TikTok had submitted inaccurate information”.

TikTok plans to appeal the May fine – the second largest ever imposed by the DPC.

The social media giant has been in the crosshairs of Western governments for years over fears personal data could be used by China for espionage or propaganda purposes.

But TikTok has insisted that it has never received any requests from Chinese authorities for European users’ data.

ALSO READ: WATCH: TikTok ASMR trend heads to the massage studio in SA

Big tech

TikTok, which has 1.5 billion users worldwide, is a division of Chinese tech giant ByteDance.

But since it has its European headquarters in Ireland, the Irish authority is the lead regulator in Europe for the social platform – as well as others such as Google, Meta and Apple.

The DPC is tasked with ensuring companies comply with the EU’s strict General Data Protection Regulation (GDPR), launched in 2018 to protect European consumers from personal data breaches.

Its latest probe against the Chinese-owned giant will determine “whether TikTok has complied with its relevant obligations” to comply with the GDPR.

The data protection watchdog has imposed a number of massive fines against tech companies as the EU seeks to rein in big tech firms over privacy, competition, disinformation and taxation.

TikTok data

For years, TikTok promoted its data protection policies. It made much of what it called Project Clover, a plan to invest €12 billion in European data security over 10 years from 2023 onwards.

ALSO READ: Bolt pokes holes in TikToker Simthande Myeza’s abduction claims

It claimed that Europeans’ data was by default stored in Norway, Ireland and the United States and “that employees in China have no access to restricted data”, such as phone numbers or IP addresses.

TikTok told AFP in May that it had “promptly” informed the DPC of a technical issue regarding data transfers.

Looming US ban

The social media giant is also under pressure in the United States where it faces a looming ban if it does not find a non-Chinese buyer.

US President Donald Trump said at the end of June that a group of buyers had been found for TikTok, adding that he could name the purchasers in a matter of weeks.

NOW READ: TikTok ban deadline looms as US seeks non-Chinese owner

Read more on these topics

European Union (EU) Ireland TikTok