TikTok has been fined €530 million ($600 million) by the Irish Data Protection Commission for failing to protect European users’ data under the General Data Protection Regulation (GDPR). The company was found to have improperly transferred user data to China, violating GDPR rules.
The Irish authorities claim that TikTok’s weak safeguards put sensitive information at risk across the 27-nation bloc. If TikTok does not meet certain requirements within six months, it will be ordered to suspend data transfers to China. European regulators also expressed concerns that the Chinese government could have gained access to users’ data under its antiterrorism and anti-espionage laws.
TikTok maintained that it complies with EU laws, despite previous denials of storing user data in China. The company has over 175 million European users and operates under Irish regulation. TikTok plans to appeal the decision, which could lead to a lengthy court battle with the Irish government.
The Irish Data Protection Commission stated that European users were not afforded adequate protection equivalent to that guaranteed within the EU. This fine is one of the largest imposed under the GDPR, adding to existing challenges faced by ByteDance, TikTok’s Chinese owner, amid US efforts to force the platform’s sale or ban it in the US.
Source: https://www.nytimes.com/2025/05/02/business/tiktok-eu-data-china.html