This week, the publisher of popular video-sharing app TikTok was fined almost £12.7 million (€14.5 million) by the UK data watchdog, the Information Commissioner’s Office (ICO) – the equivalent of the CNIL across the Channel.
The ICO justifies this fine by claiming that TikTok enabled 1.4 million UK children under the age of 13 to create an account on the app in 2020. The minimum age required to create an account on TikTok is however 13 years old. The app collects and stores user data when they create an account or, if they don’t have an account, when they scroll through the “For You” page. Data collected includes IP addresses, location, device metadata, and user tracking cookies.
John Edwards, the UK’s information commissioner, told Reuters that such tracking tools could expose children under 13 to harmful and inappropriate content.
TikTok is convinced that children tell the truth
Last month, when TikTok CEO Shou Zi Chew testified before the US Congress, many members of Congress asked him how TikTok planned to protect children on the app. Shou Zi Chew replied that her company does what most social media companies do to control users who might be too young to use the app: she believes that users are telling the truth when they open an account.
When someone creates an account on TikTok, the app asks for their date of birth. It is then up to him to give an exact date of birth. But often, children below the legal age age themselves to circumvent the app’s age restrictions.
However, the CEO of TikTok indicates that his company has implemented a monitoring process to detect content posted by children under 13. And when TikTok detects that an app user is under the age of 13, their account is banned.
Some kids fall through the cracks
But TikTok’s vetting process isn’t perfect, as the ICO fine shows. Some children slip through the cracks and end up on TikTok without their parents’ permission or supervision. Britain’s CNIL, while investigating TikTok’s child protection practices on its app, found that company executives knew children under 13 were on the app, but did not act so far.
The ICO therefore concluded that TikTok breached UK data protection law by providing services to children under 13, failing to disclose how the app collects user data from children, and failing to ensure that UK user data is processed lawfully and transparently.
TikTok says it disagrees with the ICO fine, but welcomes the size of the fine, as last year the UK threatened to fine TikTok nearly $29 million for the same violations.
Source: ZDNet.com