TikTok could face a 27 million-pound ($29 million) fine in the U.K. over a possible breach of U.K. data protection law by failing to protect children’s privacy when they are using the video-sharing platform.
The U.K. Information Commissioner’s Office said Monday that it has issued the social media company a legal document that precedes a potential fine. It said TikTok may have processed the data of children under 13 without appropriate parental consent, and processed “special category data” without legal grounds to do so.
The commissioner said “special category data” included ethnic and racial origin, political opinions, religious beliefs and sexual orientation.
It also said TikTok may have failed to provide transparent, easily understood information to its users. The legal document covered the period from May 2018 to July 2020.
Information Commissioner John Edwards said the body’s provisional view was that TikTok “fell short” of providing proper data privacy protections. The body said its findings are not final and that it will consider any representations from TikTok before making a final decision.
“While we respect the ICO’s role in safeguarding privacy in the U.K., we disagree with the preliminary views expressed and intend to formally respond to the ICO,” said a statement released by TikTok, which is owned by the Chinese company ByteDance.
Britain’s government is pushing through its online safety bill, which requires technology companies to protect children from harmful content.
The Information Commissioner’s Office said it has six other ongoing investigations into companies that do not appear to have taken their responsibilities around child safety seriously enough.