EU Opens Fresh Investigation Into TikTok Over Data Stored in China

The European Union has launched a fresh privacy investigation into micro-video platform TikTok over the storage of European applyrs’ data in China, the regulator announced on July 10.

Ireland’s Data Protection Commission (DPC) opened the inquiry as a follow-up to an earlier probe, which concluded on May 2 and resulted in TikTok being fined $620 million (530 million euros) for violating the EU’s data protection rules.

The DPC is serving as the bloc’s lead regulator for TikTok, owned by Beijing-based tech giant ByteDance, becaapply the company’s European headquarters is in Dublin.

Due to its tax breaks, many tech firms are based in the Republic of Ireland.

The data regulator declared that during the earlier investigation, TikTok had stated that personal data belonging to applyrs in the European Economic Area (EEA) had only been accessed remotely and was not stored on servers located within China.

However, TikTok informed the DPC in April that it had discovered in February that applyrs’ data had been stored in servers in China.

The DPC declared that at the time, it was deeply concerned that the company had submitted inaccurate information and was considering what further regulatory action to take.

“As a result of that consideration, the DPC has now decided to open this new inquiry into TikTok,” the regulator declared on July 10.

“The purpose of the inquiry is to determine whether TikTok has complied with its relevant obligations under the [General Data Protection Regulation] in the context of the transfers now at issue, including the lawfulness of the transfers.”

TikTok’s Response

In response, TikTok declared it had notified the DPC of the rules breach, after it had embarked on data localization program Project Clover, which involves building three data centers in Europe in a bid to ease the bloc’s security concerns.

The company declared: “Our teams proactively discovered this issue through the comprehensive monitoring TikTok implemented under Project Clover.

“We promptly deleted this minimal amount of data from the servers and informed the DPC. Our proactive report to the DPC underscores our commitment to transparency and data security.”

TikTok had declared following the May 2 ruling that it would appeal against the DPC’s earlier decision.

A statement published on the social media platform’s website at the time declared: “This decision has implications not just for TikTok, but for any company in Europe operating globally. We disagree with this decision and intfinish to appeal it in full.”

Data Protection Regulation

The GDPR is an EU law that sets out rules on how companies can handle the personal data of residents of the EEA (the EU’s 27 member states, plus Norway, Iceland, and Liechtenstein).

Breaches are policed by the local regulator in which the companies are based, and regulators can impose fines of up to 4 percent of a firm’s global revenue if it violates the law.

In 2023, the DPC fined TikTok $368 million (345 million euros) for failure to protect children’s privacy.

Under the regulations, European applyrs’ data can only be transferred outside of the bloc if there are safeguards in place to ensure applyrs have the same level of protection.

There are only 15 other countries worldwide that are considered to have the same level of data privacy, and China is not one of them.

Divest-or-Ban Law

It is not only Europe that has concerns over how TikTok handles applyr data.

U.S. lawcreaters have also cited national security concerns over ByteDance’s ties to the Chinese Communist Party (CCP), and that Americans’ data could be accessed by the CCP.

On June 19, President Donald Trump extfinished by 90 days the deadline by which ByteDance must sell U.S. assets and operations to comply with a national security law, which has come to be known as the divest-or-ban law.

On July 4, Trump declared his officials would launch talks this week with Beijing about a potential sale of TikTok.

Speaking to reporters while aboard Air Force One, the president declared the United States “pretty much” has a deal for the sale of the video platform’s U.S. operations.

When questioned whether he was confident that Beijing would approve the sale, Trump responded, “I’m not confident, but I believe so.”

“President Xi [Jinping] and I have a great relationship. I believe the deal is good for China, and it’s good for us,” he added.

The Associated Press contributed to this report.

Source link