TikTok is under increasing pressure from Western officials over privacy and data protection concerns. The US has upped the ante against the Chinese social media company by recently banning the platform from officials' phones. So far the EU hasn't taken action quite as drastic but TikTok CEO Shou Zi will on Tuesday meet with senior European officials in Brussels to discuss how the platform can conform to EU rules on privacy, disinformation and hate speech.
Competition Commissioner Margrethe Vestager, as well as Commissioner Vera Jourova, Home Affairs Commissioner Ylva Johansson and Justice Commissioner Didier Reynders, will all be present at the meeting.
The move follows increasing concerns over data protection and spying. In November, TikTok announced that a privacy policy change would allow "certain" company employees to access EU user data in third countries, including China.
Moreover, the platform admitted that four employees from its parent company had used data accessed from the app to track two Western journalists' movements. The four employees have since been fired over the unauthorised use of user data.
EU probes
Ireland's data watchdog is investigating Tiktok's transfers of personal data to China. Ireland is the EU home to many tech companies, which therefore fall under Irish jurisdiction. Yet Ireland's probe is a slow-moving process, with a draft decision first to be sent to other EU data protection authorities in the first quarter of this year.
Separately, Italy's data protection agency warned Tiktok last summer that a change in its privacy policy (which would mean it no longer needs to ask for user permission before using targeted ads) failed to comply with data protection legislation. Unlike in the US, EU probes have yet to result in any concrete actions.
Related News
- Facebook will settle Cambridge Analytica case for $725 million
- Twitter reverses political advertising ban in search for revenue
Companies that fall foul of EU GDPR laws can be fined as much as 4% of global turnover; the EU ePrivacy Directive enables Member States to issue penalties. Italy took action against TikTok for breaching the ePrivacy Directive. Under the GDPR directive, it would normally be down to Ireland to penalise TikTok, since this is the Member State where the company has its European headquarters.
Slow procedures
Ireland's data protection authorities recently fined Facebook's parent company Meta over $400 million for breaching EU privacy rules and forcing users to accept targeted ads, showing that penalties can have an effect.
Yet complaints against Meta were made as far back as 2018 to Ireland's Data Protection Committee (DPC), making it unlikely that GDPR procedures against TikTok will lead to actions any time soon.
It could be the European Data Protection Board (EDPB) who will step in if Italian authorities proceed with a GDPR emergency procedure that lets data regulators circumvent the usual requirements to take concerns to a lead supervisor. However, it is still unclear if the EDPB will take action.