TikTok could face a fine of 27 million pounds, or roughly $29 million, over allegations of violating the United Kingdom’s children’s data privacy protection standards, a U.K. agency said Monday.
TikTok allegedly breached the U.K.’s protections for children’s data privacy between May 2018 and July 2020, in part by processing the data for children under 13 without appropriate parental consent, according to an investigation by the U.K.’s Information Commissioner’s Office (ICO).
The ICO also found that TikTok breached privacy protections by failing to provide proper information to users in a transparent way, and processing “special category data” without legal grounds to do so, according to the announcement.
“We all want children to be able to learn and experience the digital world, but with proper data privacy protections. Companies providing digital services have a legal duty to put those protections in place, but our provisional view is that TikTok fell short of meeting that requirement,” Information Commissioner John Edwards said in a statement.
The announcement is a preliminary step, and the ICO will not impose any financial penalty before considering representations from TikTok.
A TikTok spokesperson said in a statement, “we disagree with the preliminary views expressed” by the ICO “and intend to formally respond to the ICO in due course.”
TikTok and other social media platforms have been targeted over how they handle the data of minors.
The U.K. has passed stricter laws regulating kids’ data privacy online than in the U.S., but bipartisan momentum has been building in the U.S. to update the standards.
California passed a law on kids’ online safety earlier this month. On the federal level, two bills aimed at boosting kids’ safety online advanced out of a Senate panel this summer with broad bipartisan support.
Updated at 12:23 p.m.