The DPC has now presented the results of its investigation into non-compliance with "obligations under the General Data Protection Regulation (GDPR) in relation to its processing of personal data relating to child users" at major global platform TikTok.
The Commission asserts that the social media giant failed to uphold protective measures in its treatment of the data in question from July 31, 2020 to December 31, 2020. During that time, TikTok was found to have left a setting called Family Pairing in a state that might have allowed any adult to pair their account to one of an underage user, in a way that might also have enabled said "non-parent or guardian" to DM a minor over the age of 16.
The DPC also pointed out that "child user accounts were set to public by default", thereby putting those under 13 at potential risk while on the platform, as their content would have been accessible to anyone (on TikTok or otherwise). The company could have been more upfront about this situation and yet were not, thus infringing on yet more articles of the GDPR.
The platform was also found guilty of "nudging users" towards less privacy-friendly settings and options in the course of registering for an account, and when posting a video, in a similarly shady manner.
Accordingly, TikTok has been ordered to correct its failings as outlined in the DPC within 3 months, and to pay €345 million (~US$371 million) in administrative fees.
Buy a Hohem iSteady M6 on Amazon