Chinese-owned social media sensation TikTok has been fined almost $16 million for violating provisions of the UK’s General Data Protection Regulation. Credit: TikTok The UK’s Information Commissioner’s Office announced today that it has levied a nearly $16 million fine against TikTok for “a number of breaches” of the country’s data protection law.Central to the ICO’s decision to fine TikTok are the estimated 1.4 million UK children under 13 years of age, who were allowed to sign up for the platform in 2020, despite the company’s own rules barring such use.That’s a violation of UK’s General Data Protection Regulation (similar to the EU’s GDPR), the ICO said in a statement. The UK GDPR requires that companies that use personal data to offer services to children under 13 need a parent or guardian’s permission to do so. The regulator also noted that “senior employees” at TikTok were aware of underage users on the platform, and did not respond adequately to the issue. “There are laws in place to make sure our children our as safe in the digital world as they are in the physical world,” said UK Information Commissioner John Edwards in the statement. “TikTok should have known better. TikTok should have done better.” The ICO also charged TikTok with failing to offer clear information to users about how their personal information is collected and used, as well as with failing to ensure that user data was processed lawfully.The UK government had originally intended to fine TikTok more than twice as much as today’s $15.8 million. However, today’s ICO statement said that the company’s arguments convinced regulators not to pursue an earlier, provisional finding that it had also used special category data unlawfully, bringing the total fine down from an original figure of $33.7 million. “Our [$15.8 million] fine reflects the serious impact their failures may have had,” Edwards stated. “They did not do enough to check who was using their platform or take sufficient action to remove the underage children that were using their platform.”TikTok said in a statement that it is reviewing the decision. While it disagrees with the UK’s action, a spokesperson said that that the company is pleased that regulators reduced the total fine from its original amount.“TikTok is a platform for users aged 13 and over,” the spokesperson said. “We invest heavily to keep under-13s off the platform.”The Chinese-owned social media giant has long been under fire from western regulators for privacy concerns. Several countries — including the US, UK and Canada — have banned it from use on government devices, while Australia and New Zealand have similar restrictions pending. Related content brandpost Sponsored by Cyber NewsWire Hunters announces full adoption of OCSF and introduces OCSF-native search By Cyber NewsWire - Paid Press Release May 07, 2024 5 mins Cyberattacks Security news Administrator of ransomware operation LockBit named, charged, has assets frozen A Russian national alleged to have been the administrator of the notorious and prolific LockBit ransomware provider faces international charges. A $10-million reward for the suspect’s arrest has been offered. By Lucian Constantin May 07, 2024 3 mins Advanced Persistent Threats Hacker Groups Ransomware news US deploys commerce and communications against cyber threats, Blinken says The US government is moving to address the challenges of quantum computing, cloud strategies, and generative AI, Anthony Blinken said in a speech that was light on specifics. By Evan Schuman May 07, 2024 4 mins Cyberattacks Government Threat and Vulnerability Management news Change Healthcare went without cyber insurance before debilitating ransomware attack In doing so, Change exposed itself not just to greater financial risk, but reputational damage too. By John Leyden May 07, 2024 5 mins Data Breach Ransomware PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe