The video sharing app TikTok was fined 345 million euros, or roughly $368 million, Friday by a European regulator that said the platform failed to protect children’s privacy.
The Irish Data Protection Commission said its investigation into TikTok found the app’s policies were inadequate in a number of ways, including setting children’s accounts to public by default and failing to provide sufficient transparency about rules to users.
The commission also identified TikTok’s “Family Pairing” setting as not strict enough. The setting allowed a non-child user — who could not be verified as a parent or guardian — to pair their account with one of a child aged 16-17 and enable direct messages on the child’s account, according to the commission.
The regulator also said that TikTok was “nudging users towards choosing more privacy-intrusive options during the registration process.”
In response to the decision, TikTok’s head of privacy in Europe, Elaine Fox, published a blog post detailing how the platform has updated its policies since the EU’s investigation began in September 2021.
TikTok made all accounts for users aged 13-15 private by default in January 2021, Fox said. The platform will also roll out later this month a “redesigned registration flow” for new users aged 16-17 that will be “pre-selected” for a private account, she said.
On the “Family Pairing” feature, Fox said TikTok has not allowed guardians to enable direct messaging for users aged 16-17 since November 2020 if the feature was already disabled.
The fine from the EU regulator comes amid mounting global scrutiny over how TikTok and other social media companies cater to young users.